0.2 C
New York
Monday, December 2, 2024
HomeHacking
Hacking

HPE IceWall Flaw Let Attackers trigger Unauthorized Information Modification

By codesanitize.com
0
1
HPE IceWall Flaw Let Attackers trigger Unauthorized Information Modification


Hewlett Packard Enterprise (HPE) has issued an pressing safety bulletin addressing a vital vulnerability in its IceWall product line.

Recognized as CVE-2024-11856, this flaw may enable attackers to remotely modify knowledge with out authorization.

This flaw is able to enabling unauthorized knowledge modification from distant places, posing a major safety menace to the affected programs.

– Commercial –
SIEM as a ServiceSIEM as a Service

Vulnerability Abstract

The difficulty on the core of CVE-2024-11856 lies within the IceWall modules’ means to improperly handle failed password makes an attempt.

This defect permits customers to surpass the meant restrict for unsuccessful login makes an attempt, thereby gaining potential entry to switch knowledge with out correct authorization.

Leveraging 2024 MITRE ATT&CK Outcomes for SME & MSP Cybersecurity Leaders – Attend Free Webinar

The affected IceWall modules embrace:

  • IceWall Gen11 certd for RHEL 7, RHEL 8, and RHEL 9
  • IceWall Gen11 certd for Home windows
  • IceWall SSO 10.0 certd for HP-UX

Supported Software program Variations

Solely the next variations are impacted:

  • IceWall Gen11 Enterprise Version certd (RHEL 7, 8, 9, and Home windows)
  • IceWall Gen11 Customary Version certd (RHEL 7, 8, 9, and Home windows)
  • IceWall SSO certd 10.0 (HP-UX)

Based on HPE, the vulnerability has been assigned a CVSS v3.1 base rating of three.7, indicating a medium impression.

The vector is described as distant, with no requirement for bodily entry or consumer interplay, making it notably regarding for enterprise environments that depend on IceWall for safe authentication.

HPE has launched up to date patches to mitigate this vulnerability. Customers are urged to use these patches instantly to make sure the safety of their programs. The out there patches embrace:

  • IceWall Gen11 certd Patch Launch 14 for RHEL 7, 8, and 9
  • IceWall Gen11 certd Patch Launch 14 for Home windows
  • IceWall SSO 10.0 certd Patch Launch 10 for HP-UX

For help in implementing these safety measures, customers are suggested to contact HPE Companies assist.

Organizations utilizing affected HPE IceWall merchandise ought to prioritize the applying of those patches to safeguard towards potential unauthorized knowledge modifications.

Analyse Superior Malware & Phishing Evaluation With ANY.RUN Black Friday Offers : Stand up to three Free Licenses.

Previous articleipv6 – Announce ULA path to Cisco switches by way of SLAAC
codesanitize.comhttps://codesanitize.com

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Load more

ABOUT US

Welcome to CodeSanitize, your number one source for all things coding and technology. We’re dedicated to providing you the very best of software development tutorials, tips, and resources, with a focus on clarity, practical examples, and up-to-date content.

© Copyright 2024 - codesanitize.com. All rights reserved