CVE-2024-7401

Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customer’s tenant and impersonate a user.
Configurations

Configuration 1 (hide)

cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*

History

05 Sep 2024, 18:34

Type Values Removed Values Added
References () https://docs.netskope.com/en/secure-enrollment/ - () https://docs.netskope.com/en/secure-enrollment/ - Product
References () https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-001 - () https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-001 - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Netskope
Netskope netskope
CPE cpe:2.3:a:netskope:netskope:*:*:*:*:*:*:*:*

28 Aug 2024, 06:15

Type Values Removed Values Added
Summary
  • (es) Netskope fue notificado sobre una brecha de seguridad en el proceso de inscripción del Cliente Netskope donde NSClient utiliza un token estático "Orgkey" como parámetro de autenticación. Dado que este token estático, si se filtra, no se puede rotar ni revocar. Un actor malintencionado puede utilizar este token para inscribir NSClient desde el inquilino de un cliente y hacerse pasar por un usuario.
Summary (en) Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customer’s tenant and impersonate a user. (en) Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customer’s tenant and impersonate a user.

26 Aug 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 17:15

Updated : 2024-09-05 18:34


NVD link : CVE-2024-7401

Mitre link : CVE-2024-7401

CVE.ORG link : CVE-2024-7401


JSON object : View

Products Affected

netskope

  • netskope
CWE
CWE-287

Improper Authentication