CVE-2024-45488: Flaw in Safeguard for Privileged Passwords Enables Unauthorized Access
A recent security bulletin identifies a critical vulnerability in One Identity’s Safeguard for Privileged Passwords, a solution designed to protect and manage privileged credentials within organizations. The vulnerability, tracked as CVE-2024-45488, affects the login process of Safeguard for Privileged Passwords and could allow attackers to gain unauthorized access to sensitive systems.
One Identity Safeguard for Privileged Passwords is a robust platform used by organizations to store and manage sensitive credentials, such as passwords, keys, and other secrets, within a centralized, hardened vault. The platform not only safeguards these credentials but also automates and controls the process of granting privileged access, making it a critical component of enterprise security infrastructures.
The vulnerability tracked as CVE-2024-45488 lies in the handling of cookies during the login process. An attacker who exploits this flaw could gain unauthorized access to the system and, from there, compromise the security posture of the organization. The impact is significant because the flaw could allow malicious actors to bypass security controls and gain elevated privileges within the network.
Note that this vulnerability only affects instances of Safeguard for Privileged Passwords running in VMware or Hyper-V environments; other platforms are not impacted. Organizations running Safeguard in these virtualized environments are at risk and must take immediate action to secure their systems.
In response to this critical vulnerability, One Identity has released security fixes in the following versions of Safeguard for Privileged Passwords:
- Version 7.0.5.1 LTS
- Version 7.4.2
- Version 7.5.2
Organizations using Safeguard for Privileged Passwords on VMware or Hyper-V are strongly urged to upgrade to one of these versions immediately to mitigate the risk associated with CVE-2024-45488. Failure to do so could leave systems vulnerable to unauthorized access and potential exploitation by cybercriminals.