Chat now with support
Chat with Support
Self Service Tools
Knowledge Base
My Account
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Support Essentials
Awards and Testimonials
Getting Started
License Agreement
Support Guide

One Identity Safeguard for Privileged Sessions Product Notification

Return
Critical Alerts

An authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions (all LTS versions before 7.0.5.1 and all feature versions before 7.5.1) has been discovered.
 
Severity
This vulnerability is identified by CVE-2024-40595.
 
How does this affect me?
Under certain circumstances, this vulnerability may allow man-in-the-middle attackers to obtain unencrypted information to access privileged sessions on target resources.
Please see KB 4376565 for additional details.
 
Resolution
Upgrading to SPS 7.5.1 or 7.0.5.1 closes the vulnerability and the fix will be included in future versions. 
 
 
We apologize for the inconvenience this issue may have caused.