The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature.
References
Link | Resource |
---|---|
https://www.beyondtrust.com/security | Vendor Advisory |
https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 | Vendor Advisory |
https://www.beyondtrust.com/security | Vendor Advisory |
https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 | Vendor Advisory |
Configurations
History
21 Nov 2024, 08:34
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.beyondtrust.com/security - Vendor Advisory | |
References | () https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 - Vendor Advisory |
03 Jan 2024, 22:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CWE | NVD-CWE-noinfo | |
References | () https://www.beyondtrust.com/security - Vendor Advisory | |
References | () https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 - Vendor Advisory | |
CPE | cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:* |
25 Dec 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-25 08:15
Updated : 2024-11-21 08:34
NVD link : CVE-2023-49944
Mitre link : CVE-2023-49944
CVE.ORG link : CVE-2023-49944
JSON object : View
Products Affected
beyondtrust
- privilege_management_for_windows
CWE