CVE-2024-5813

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.7 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

A

medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.

References

Link	Resource
https://www.beyondtrust.com/trust-center/security-advisories/bt24-08	Vendor Advisory
https://www.beyondtrust.com/trust-center/security-advisories/bt24-08	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:beyondtrust:beyondinsight_password_safe:*:*:*:*:*:*:*:*

History

11 Feb 2025, 21:36

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:beyondtrust:beyondinsight_password_safe::::::::
References	~~() https://www.beyondtrust.com/trust-center/security-advisories/bt24-08 -~~	() https://www.beyondtrust.com/trust-center/security-advisories/bt24-08 - Vendor Advisory
First Time		Beyondtrust beyondinsight Password Safe Beyondtrust

21 Nov 2024, 09:48

Type	Values Removed	Values Added
References	~~() https://www.beyondtrust.com/trust-center/security-advisories/bt24-08 -~~	() https://www.beyondtrust.com/trust-center/security-advisories/bt24-08 -

11 Jun 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-11 16:15

Updated : 2025-02-11 21:36

NVD link : CVE-2024-5813

Mitre link : CVE-2024-5813

CVE.ORG link : CVE-2024-5813

JSON object : View

Products Affected

beyondtrust

beyondinsight_password_safe

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo

{"id": "CVE-2024-5813", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 0.7}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2024-06-11T16:15:29.480", "references": [{"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08", "tags": ["Vendor Advisory"], "source": "13061848-ea10-403d-bd75-c83a022c2891"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "13061848-ea10-403d-bd75-c83a022c2891", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de gravedad media en BIPS donde un atacante autenticado con altos privilegios puede acceder a las claves privadas SSH a trav\u00e9s de una fuga de informaci\u00f3n en la respuesta del servidor."}], "lastModified": "2025-02-11T21:36:40.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:beyondinsight_password_safe:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16A3910D-694D-47F7-B068-7B2089358D73", "versionEndExcluding": "23.3.0.929", "versionStartIncluding": "23.3"}], "operator": "OR"}]}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891"}