Search

Find a vulnerability

Search criteria

    36 vulnerabilities found for Symantec Privileged Access Management by Broadcom

    CVE-2025-24507 (GCVE-0-2025-24507)

    Vulnerability from nvd – Published: 2025-01-30 18:41 – Updated: 2025-02-05 05:37
    VLAI
    Summary
    This vulnerability allows appliance compromise at boot time.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:17:11.902260Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:20:56.173Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows appliance compromise at boot time.\u003c/span\u003e"
                }
              ],
              "value": "This vulnerability allows appliance compromise at boot time."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:37:57.252Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24507",
        "datePublished": "2025-01-30T18:41:50.906Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:37:57.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24506 (GCVE-0-2025-24506)

    Vulnerability from nvd – Published: 2025-01-30 18:39 – Updated: 2025-02-05 05:36
    VLAI
    Summary
    A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24506",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:17:39.353436Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:19:19.284Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.\u003c/span\u003e"
                }
              ],
              "value": "A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Information Harvesting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:36:34.940Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24506",
        "datePublished": "2025-01-30T18:39:19.670Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:36:34.940Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24505 (GCVE-0-2025-24505)

    Vulnerability from nvd – Published: 2025-01-30 18:36 – Updated: 2025-02-05 05:36
    VLAI
    Summary
    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:18:01.463871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:18:34.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.\u003c/span\u003e"
                }
              ],
              "value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:36:07.471Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24505",
        "datePublished": "2025-01-30T18:36:09.450Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:36:07.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24504 (GCVE-0-2025-24504)

    Vulnerability from nvd – Published: 2025-01-30 18:31 – Updated: 2025-02-05 04:52
    VLAI
    Summary
    An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:21:14.984031Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:21:22.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation the CSRF filter results in unsanitized user input written to the application logs.\u003c/span\u003e"
                }
              ],
              "value": "An improper input validation the CSRF filter results in unsanitized user input written to the application logs."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:52:30.495Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24504",
        "datePublished": "2025-01-30T18:31:41.795Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T04:52:30.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24503 (GCVE-0-2025-24503)

    Vulnerability from nvd – Published: 2025-01-30 18:27 – Updated: 2025-02-05 04:51
    VLAI
    Summary
    A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24503",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:21:41.750449Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-384",
                    "description": "CWE-384 Session Fixation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:22:07.337Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003eA malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-62",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-62 Cross Site Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:51:10.380Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24503",
        "datePublished": "2025-01-30T18:27:08.641Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T04:51:10.380Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24502 (GCVE-0-2025-24502)

    Vulnerability from nvd – Published: 2025-01-30 18:24 – Updated: 2025-02-05 04:50
    VLAI
    Summary
    An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:22:34.004253Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-384",
                    "description": "CWE-384 Session Fixation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:22:57.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.\u003c/span\u003e"
                }
              ],
              "value": "An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-593",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-593 Session Hijacking"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:50:21.091Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24502",
        "datePublished": "2025-01-30T18:24:32.902Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-02-05T04:50:21.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24501 (GCVE-0-2025-24501)

    Vulnerability from nvd – Published: 2025-01-30 18:21 – Updated: 2025-02-12 20:41
    VLAI
    Summary
    An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24501",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T18:49:21.691738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:41:36.667Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.\u003c/span\u003e"
                }
              ],
              "value": "An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:48:43.903Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24501",
        "datePublished": "2025-01-30T18:21:37.817Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-02-12T20:41:36.667Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24500 (GCVE-0-2025-24500)

    Vulnerability from nvd – Published: 2025-01-30 18:15 – Updated: 2025-03-13 13:11
    VLAI
    Summary
    The vulnerability allows an unauthenticated attacker to access information in PAM database.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:34:04.538750Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:11:59.284Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to access information in PAM database.\u003c/span\u003e"
                }
              ],
              "value": "The vulnerability allows an unauthenticated attacker to access information in PAM database."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:48:15.533Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24500",
        "datePublished": "2025-01-30T18:15:12.337Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-03-13T13:11:59.284Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38496 (GCVE-0-2024-38496)

    Vulnerability from nvd – Published: 2024-07-15 14:16 – Updated: 2024-12-03 18:52
    VLAI
    Title
    Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
    Summary
    The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38496",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:45:36.244815Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-922",
                    "description": "CWE-922 Insecure Storage of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T18:52:06.312Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.\u003c/span\u003e\n\n"
                }
              ],
              "value": "The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:17:34.701Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38496",
        "datePublished": "2024-07-15T14:16:57.213Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-12-03T18:52:06.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38495 (GCVE-0-2024-38495)

    Vulnerability from nvd – Published: 2024-07-15 14:13 – Updated: 2024-11-04 19:03
    VLAI
    Title
    Symantec Privileged Access Manager User Enumeration vulnerability
    Summary
    A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38495",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T16:02:44.357644Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T19:03:14.832Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:25.805Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.\u003c/span\u003e\n\n"
                }
              ],
              "value": "A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Information Harvesting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:13:12.364Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager User Enumeration vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38495",
        "datePublished": "2024-07-15T14:13:12.364Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-11-04T19:03:14.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38494 (GCVE-0-2024-38494)

    Vulnerability from nvd – Published: 2024-07-15 14:03 – Updated: 2024-08-02 04:12
    VLAI
    Title
    Symantec Privileged Access Manager Remote Command Execution vulnerability
    Summary
    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 4.1.0 , ≤ 4.1.7 (custom)
    Affected: 3.4.6
        cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "lessThanOrEqual": "4.1.7",
                    "status": "affected",
                    "version": "4.1.0",
                    "versionType": "custom"
                  },
                  {
                    "status": "affected",
                    "version": "3.4.6"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38494",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T20:06:23.210982Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-444",
                    "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T14:42:36.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.726Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
                }
              ],
              "value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:03:53.924Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38494",
        "datePublished": "2024-07-15T14:03:53.924Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-08-02T04:12:24.726Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38493 (GCVE-0-2024-38493)

    Vulnerability from nvd – Published: 2024-07-15 14:00 – Updated: 2024-10-27 23:14
    VLAI
    Title
    Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability
    Summary
    A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38493",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:26:20.346185Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-27T23:14:03.057Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.835Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.\u003c/span\u003e\n\n"
                }
              ],
              "value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:01:02.575Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38493",
        "datePublished": "2024-07-15T14:00:15.105Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-10-27T23:14:03.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38492 (GCVE-0-2024-38492)

    Vulnerability from nvd – Published: 2024-07-15 13:54 – Updated: 2024-08-02 04:12
    VLAI
    Title
    Symantec Privileged Access Manager Remote Command Execution vulnerability
    Summary
    This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 4.1.0 , ≤ 4.1.7 (custom)
        cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 3.4.6.0
        cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "lessThanOrEqual": "4.1.7",
                    "status": "affected",
                    "version": "4.1.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.4.6.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38492",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T15:07:11.231782Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T13:18:28.244Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
                }
              ],
              "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:54:38.819Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38492",
        "datePublished": "2024-07-15T13:54:38.819Z",
        "dateReserved": "2024-06-18T06:18:01.975Z",
        "dateUpdated": "2024-08-02T04:12:24.735Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38491 (GCVE-0-2024-38491)

    Vulnerability from nvd – Published: 2024-07-15 13:50 – Updated: 2024-11-04 16:36
    VLAI
    Title
    Symantec Privileged Access Manager SQL Injection vulnerability
    Summary
    The vulnerability allows an unauthenticated attacker to read arbitrary information from the database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38491",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T19:27:00.311332Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T16:36:30.021Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.822Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to read arbitrary information from the database.\u003c/span\u003e\n\n"
                }
              ],
              "value": "The vulnerability allows an unauthenticated attacker to read arbitrary information from the database."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:50:52.327Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager SQL Injection vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38491",
        "datePublished": "2024-07-15T13:50:52.327Z",
        "dateReserved": "2024-06-18T06:18:01.975Z",
        "dateUpdated": "2024-11-04T16:36:30.021Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36458 (GCVE-0-2024-36458)

    Vulnerability from nvd – Published: 2024-07-15 13:43 – Updated: 2024-11-21 20:55
    VLAI
    Title
    Symantec Privileged Access Manager Privilege Escalation vulnerability
    Summary
    The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36458",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T20:14:24.657266Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-21T20:55:17.095Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:37:05.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.\u003c/span\u003e\n\n"
                }
              ],
              "value": "The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:43:53.687Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Privilege Escalation vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-36458",
        "datePublished": "2024-07-15T13:43:53.687Z",
        "dateReserved": "2024-05-28T10:24:37.078Z",
        "dateUpdated": "2024-11-21T20:55:17.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36457 (GCVE-0-2024-36457)

    Vulnerability from nvd – Published: 2024-07-15 13:39 – Updated: 2024-11-12 18:12
    VLAI
    Title
    Symantec Privileged Access Manager Authentication Bypass vulnerability
    Summary
    The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36457",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T18:11:12.488440Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-306",
                    "description": "CWE-306 Missing Authentication for Critical Function",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T18:12:40.781Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:37:05.380Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.\u003c/span\u003e\n\n"
                }
              ],
              "value": "The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:39:19.248Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Authentication Bypass vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-36457",
        "datePublished": "2024-07-15T13:39:19.248Z",
        "dateReserved": "2024-05-28T10:24:37.077Z",
        "dateUpdated": "2024-11-12T18:12:40.781Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36456 (GCVE-0-2024-36456)

    Vulnerability from nvd – Published: 2024-07-15 13:31 – Updated: 2024-08-02 03:37
    VLAI
    Title
    Symantec Privileged Access Manager Remote Command Execution vulnerability
    Summary
    This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 3.4.6.0
        cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 4.1.0.0 , ≤ 4.1.7 (custom)
        cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.4.6.0"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "lessThanOrEqual": "4.1.7",
                    "status": "affected",
                    "version": "4.1.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36456",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:44:10.749312Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-94",
                    "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T13:48:06.113Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:37:05.337Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
                }
              ],
              "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:31:44.145Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-36456",
        "datePublished": "2024-07-15T13:31:44.145Z",
        "dateReserved": "2024-05-28T10:24:37.077Z",
        "dateUpdated": "2024-08-02T03:37:05.337Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-36455 (GCVE-0-2024-36455)

    Vulnerability from nvd – Published: 2024-07-15 13:19 – Updated: 2024-08-02 03:37
    VLAI
    Title
    Symantec Privileged Access Manager Remote Command Execution vulnerability
    Summary
    An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-665 - Improper Initialization
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 4.1.0 , ≤ 4.1.7 (custom)
        cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 3.4.6.0
        cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "lessThanOrEqual": "4.1.7",
                    "status": "affected",
                    "version": "4.1.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "status": "affected",
                    "version": "3.4.6.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-36455",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:46:20.266758Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-665",
                    "description": "CWE-665 Improper Initialization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T14:48:53.051Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T03:37:05.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
                }
              ],
              "value": "An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.4,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T13:19:41.914Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-36455",
        "datePublished": "2024-07-15T13:19:41.914Z",
        "dateReserved": "2024-05-28T10:24:37.077Z",
        "dateUpdated": "2024-08-02T03:37:05.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24507 (GCVE-0-2025-24507)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:41 – Updated: 2025-02-05 05:37
    VLAI
    Summary
    This vulnerability allows appliance compromise at boot time.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24507",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:17:11.902260Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:20:56.173Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows appliance compromise at boot time.\u003c/span\u003e"
                }
              ],
              "value": "This vulnerability allows appliance compromise at boot time."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:37:57.252Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24507",
        "datePublished": "2025-01-30T18:41:50.906Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:37:57.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24506 (GCVE-0-2025-24506)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:39 – Updated: 2025-02-05 05:36
    VLAI
    Summary
    A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24506",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:17:39.353436Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-203",
                    "description": "CWE-203 Observable Discrepancy",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:19:19.284Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.\u003c/span\u003e"
                }
              ],
              "value": "A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Information Harvesting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:36:34.940Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24506",
        "datePublished": "2025-01-30T18:39:19.670Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:36:34.940Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24505 (GCVE-0-2025-24505)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:36 – Updated: 2025-02-05 05:36
    VLAI
    Summary
    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:18:01.463871Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:18:34.247Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.\u003c/span\u003e"
                }
              ],
              "value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-253",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-253 Remote Code Inclusion"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T05:36:07.471Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24505",
        "datePublished": "2025-01-30T18:36:09.450Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T05:36:07.471Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24504 (GCVE-0-2025-24504)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:31 – Updated: 2025-02-05 04:52
    VLAI
    Summary
    An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24504",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:21:14.984031Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:21:22.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation the CSRF filter results in unsanitized user input written to the application logs.\u003c/span\u003e"
                }
              ],
              "value": "An improper input validation the CSRF filter results in unsanitized user input written to the application logs."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:52:30.495Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24504",
        "datePublished": "2025-01-30T18:31:41.795Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T04:52:30.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24503 (GCVE-0-2025-24503)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:27 – Updated: 2025-02-05 04:51
    VLAI
    Summary
    A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24503",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:21:41.750449Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-384",
                    "description": "CWE-384 Session Fixation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:22:07.337Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003eA malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
                }
              ],
              "value": "A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-62",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-62 Cross Site Request Forgery"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:51:10.380Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24503",
        "datePublished": "2025-01-30T18:27:08.641Z",
        "dateReserved": "2025-01-22T08:29:34.305Z",
        "dateUpdated": "2025-02-05T04:51:10.380Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24502 (GCVE-0-2025-24502)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:24 – Updated: 2025-02-05 04:50
    VLAI
    Summary
    An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24502",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:22:34.004253Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-384",
                    "description": "CWE-384 Session Fixation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:22:57.193Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.\u003c/span\u003e"
                }
              ],
              "value": "An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-593",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-593 Session Hijacking"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:50:21.091Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24502",
        "datePublished": "2025-01-30T18:24:32.902Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-02-05T04:50:21.091Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24501 (GCVE-0-2025-24501)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:21 – Updated: 2025-02-12 20:41
    VLAI
    Summary
    An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24501",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T18:49:21.691738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T20:41:36.667Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.\u003c/span\u003e"
                }
              ],
              "value": "An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:48:43.903Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24501",
        "datePublished": "2025-01-30T18:21:37.817Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-02-12T20:41:36.667Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-24500 (GCVE-0-2025-24500)

    Vulnerability from cvelistv5 – Published: 2025-01-30 18:15 – Updated: 2025-03-13 13:11
    VLAI
    Summary
    The vulnerability allows an unauthenticated attacker to access information in PAM database.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 3.4.6
    Affected: 4.1.0 , ≤ 4.1.8 (custom)
    Affected: 4.2.0
    Create a notification for this product.
    Credits
    Stefan Grönke (gronke@radicallyopensecurity.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:34:04.538750Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:11:59.284Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.6"
                },
                {
                  "lessThanOrEqual": "4.1.8",
                  "status": "affected",
                  "version": "4.1.0",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "4.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to access information in PAM database.\u003c/span\u003e"
                }
              ],
              "value": "The vulnerability allows an unauthenticated attacker to access information in PAM database."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-05T04:48:15.533Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2025-24500",
        "datePublished": "2025-01-30T18:15:12.337Z",
        "dateReserved": "2025-01-22T08:29:34.304Z",
        "dateUpdated": "2025-03-13T13:11:59.284Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38496 (GCVE-0-2024-38496)

    Vulnerability from cvelistv5 – Published: 2024-07-15 14:16 – Updated: 2024-12-03 18:52
    VLAI
    Title
    Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
    Summary
    The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-922 - Insecure Storage of Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38496",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:45:36.244815Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-922",
                    "description": "CWE-922 Insecure Storage of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-03T18:52:06.312Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.\u003c/span\u003e\n\n"
                }
              ],
              "value": "The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:17:34.701Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38496",
        "datePublished": "2024-07-15T14:16:57.213Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-12-03T18:52:06.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38495 (GCVE-0-2024-38495)

    Vulnerability from cvelistv5 – Published: 2024-07-15 14:13 – Updated: 2024-11-04 19:03
    VLAI
    Title
    Symantec Privileged Access Manager User Enumeration vulnerability
    Summary
    A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38495",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T16:02:44.357644Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-04T19:03:14.832Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:25.805Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.\u003c/span\u003e\n\n"
                }
              ],
              "value": "A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database."
            }
          ],
          "impacts": [
            {
              "descriptions": [
                {
                  "lang": "en",
                  "value": "Information Harvesting"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:13:12.364Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager User Enumeration vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38495",
        "datePublished": "2024-07-15T14:13:12.364Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-11-04T19:03:14.832Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38494 (GCVE-0-2024-38494)

    Vulnerability from cvelistv5 – Published: 2024-07-15 14:03 – Updated: 2024-08-02 04:12
    VLAI
    Title
    Symantec Privileged Access Manager Remote Command Execution vulnerability
    Summary
    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    broadcom symantec_privileged_access_management Affected: 4.1.0 , ≤ 4.1.7 (custom)
    Affected: 3.4.6
        cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "symantec_privileged_access_management",
                "vendor": "broadcom",
                "versions": [
                  {
                    "lessThanOrEqual": "4.1.7",
                    "status": "affected",
                    "version": "4.1.0",
                    "versionType": "custom"
                  },
                  {
                    "status": "affected",
                    "version": "3.4.6"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38494",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T20:06:23.210982Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-444",
                    "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T14:42:36.168Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.726Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
                }
              ],
              "value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:03:53.924Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38494",
        "datePublished": "2024-07-15T14:03:53.924Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-08-02T04:12:24.726Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-38493 (GCVE-0-2024-38493)

    Vulnerability from cvelistv5 – Published: 2024-07-15 14:00 – Updated: 2024-10-27 23:14
    VLAI
    Title
    Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability
    Summary
    A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Broadcom Symantec Privileged Access Management Affected: 4.1.0 - 4.1.7
    Affected: 3.4.6
    Create a notification for this product.
    Credits
    Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-38493",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:26:20.346185Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-79",
                    "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-27T23:14:03.057Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T04:12:24.835Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Symantec Privileged Access Management",
              "vendor": "Broadcom",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.1.0 - 4.1.7"
                },
                {
                  "status": "affected",
                  "version": "3.4.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.\u003c/span\u003e\n\n"
                }
              ],
              "value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:L/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T14:01:02.575Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2024-38493",
        "datePublished": "2024-07-15T14:00:15.105Z",
        "dateReserved": "2024-06-18T06:18:01.976Z",
        "dateUpdated": "2024-10-27T23:14:03.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }