An authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions (all LTS versions before 7.0.5.1 and all feature versions before 7.5.1) has been discovered. Severity This vulnerability is identified by CVE-2024-40595. How does this affect me? Under certain circumstances, this vulnerability may allow man-in-the-middle attackers to obtain unencrypted information to access privileged sessions on target resources. Please see KB 4376565 for additional details. Resolution Upgrading to SPS 7.5.1 or 7.0.5.1 closes the vulnerability and the fix will be included in future versions. We apologize for the inconvenience this issue may have caused. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center