• CVSSv3 Score: 3.3
• Severity: Low
• Issue Date: 2024-06-11
• CVE: CVE-2024-5812

A low-severity vulnerability has been identified in BeyondInsight Password Safe: an attacker with high privileges, or a compromised high-privilege account, can overwrite Read-Only smart rules via a specially crafted API request.

Affected Product Versions
• BeyondInsight Password Safe 24.1 and prior
• BeyondInsight Password Safe 23.3 versions before the .959 hotfix
• BeyondInsight Password Safe 23.2 versions before the .1293 hotfix

Fixed Product Versions
• BeyondInsight Password Safe 24.1.1 and later
• BeyondInsight Password Safe 23.3.0.959 and later
• BeyondInsight Password Safe 23.2.0.1293 and later
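
An added example (not BeyondTrust's code) for triaging an inventory of installed builds against the version lists above. It assumes version strings are dotted integers compared component by component; the function names, hostnames and sample builds are constructed for illustration.

```python
import re

# First fixed build per release branch, taken from the advisory's version lists.
FIXED = {
    (24, 1): (24, 1, 1, 0),
    (23, 3): (23, 3, 0, 959),
    (23, 2): (23, 2, 0, 1293),
}

def parse_version(text):
    """Return a 4-tuple of ints, padding missing components with zeros."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+){1,3}", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def is_affected(text):
    """True if the build predates the CVE-2024-5812 fix on its branch."""
    version = parse_version(text)
    branch = version[:2]
    if branch in FIXED:
        return version < FIXED[branch]
    # No hotfix is listed for other branches: anything older than 24.1 falls
    # under "24.1 and prior", anything newer under "24.1.1 and later".
    return branch < (24, 1)

def triage(inventory):
    """Map host -> 'affected' / 'fixed' / 'unknown' for a {host: version} dict."""
    result = {}
    for host, text in inventory.items():
        try:
            result[host] = "affected" if is_affected(text) else "fixed"
        except ValueError:
            # Keep unparseable entries visible instead of silently passing them.
            result[host] = "unknown"
    return result

# Constructed sample inventory (hostnames and builds are illustrative only).
SAMPLE = {
    "pws-01": "24.1.0.100",
    "pws-02": "23.3.0.959",
    "pws-03": "23.2.0.1200",
    "pws-04": "not reported",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```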

BeyondTrust would like to acknowledge Christian Dölling for reporting this issue.
