Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Tripwire Enterprise by Fortra

    CVE-2024-4332 (GCVE-0-2024-4332)

    Vulnerability from nvd – Published: 2024-06-03 17:38 – Updated: 2025-08-29 20:20
    VLAI
    Title
    Improper Authentication in Tripwire Enterprise 9.1.0 APIs
    Summary
    An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-303 - Incorrect Implementation of Authentication Algorithm
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Tripwire Enterprise Affected: 9.1.0
    Create a notification for this product.
    fortra tripwire_enterprise Affected: 9.1.0
        cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tripwire_enterprise",
                "vendor": "fortra",
                "versions": [
                  {
                    "status": "affected",
                    "version": "9.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-4332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T03:56:07.398810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T10:00:29.769Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:40:47.145Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.fortra.com/security/advisory/fi-2024-006"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "API authentication",
                "REST API",
                "SOAP API"
              ],
              "product": "Tripwire Enterprise",
              "vendor": "Fortra",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.\n\n \n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "USER",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:C/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-303",
                  "description": "CWE-303 Incorrect Implementation of Authentication Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T20:20:21.394Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisory/fi-2024-006"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."
                }
              ],
              "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Authentication in Tripwire Enterprise 9.1.0 APIs",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."
                }
              ],
              "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2024-4332",
        "datePublished": "2024-06-03T17:38:54.516Z",
        "dateReserved": "2024-04-29T22:31:16.171Z",
        "dateUpdated": "2025-08-29T20:20:21.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-4332 (GCVE-0-2024-4332)

    Vulnerability from cvelistv5 – Published: 2024-06-03 17:38 – Updated: 2025-08-29 20:20
    VLAI
    Title
    Improper Authentication in Tripwire Enterprise 9.1.0 APIs
    Summary
    An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-303 - Incorrect Implementation of Authentication Algorithm
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Tripwire Enterprise Affected: 9.1.0
    Create a notification for this product.
    fortra tripwire_enterprise Affected: 9.1.0
        cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "tripwire_enterprise",
                "vendor": "fortra",
                "versions": [
                  {
                    "status": "affected",
                    "version": "9.1.0"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-4332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T03:56:07.398810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T10:00:29.769Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:40:47.145Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.fortra.com/security/advisory/fi-2024-006"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "API authentication",
                "REST API",
                "SOAP API"
              ],
              "product": "Tripwire Enterprise",
              "vendor": "Fortra",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.\n\n \n\n\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "YES",
                "Recovery": "USER",
                "Safety": "NEGLIGIBLE",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "RED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "CONCENTRATED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:C/RE:L/U:Red",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "LOW"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-303",
                  "description": "CWE-303 Incorrect Implementation of Authentication Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T20:20:21.394Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisory/fi-2024-006"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."
                }
              ],
              "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Improper Authentication in Tripwire Enterprise 9.1.0 APIs",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."
                }
              ],
              "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2024-4332",
        "datePublished": "2024-06-03T17:38:54.516Z",
        "dateReserved": "2024-04-29T22:31:16.171Z",
        "dateUpdated": "2025-08-29T20:20:21.394Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }