Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-36457— Symantec Privileged Access Manager Authentication Bypass vulnerability

EPSS 0.03% · P8
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-36457

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Symantec Privileged Access Manager Authentication Bypass vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Broadcom Symantec Privileged Access Management 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Broadcom Symantec Privileged Access Management(Broadcom Symantec PAM)是美国博通(Broadcom)公司的一种安全软件。通过保护敏感的管理凭据、控制特权用户访问、主动实施安全策略以及监控和记录虚拟、云和物理环境中的特权用户活动来帮助防止安全漏洞。 Broadcom Symantec Privileged Access Management存在安全漏洞,该漏洞源于允许攻击者绕过特定PAM端点的身份验证要求。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
BroadcomSymantec Privileged Access Management 4.1.0 - 4.1.7 -

II. Public POCs for CVE-2024-36457

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-36457

登录查看更多情报信息。

Same Patch Batch · Broadcom · 2024-07-15 · 10 CVEs total

CVE-2024-38496Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
CVE-2024-38494Symantec Privileged Access Manager Remote Command Execution vulnerability
CVE-2024-38492Symantec Privileged Access Manager Remote Command Execution vulnerability
CVE-2024-38491Symantec Privileged Access Manager SQL Injection vulnerability
CVE-2024-38493Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability
CVE-2024-38495Symantec Privileged Access Manager User Enumeration vulnerability
CVE-2024-36458Symantec Privileged Access Manager Privilege Escalation vulnerability
CVE-2024-36455Symantec Privileged Access Manager Remote Command Execution vulnerability
CVE-2024-36456Symantec Privileged Access Manager Remote Command Execution vulnerability

IV. Related Vulnerabilities

Same product: Symantec Privileged Access Management
Same vendor: Broadcom

V. Comments for CVE-2024-36457

No comments yet

Leave a comment