CVE-2024-10963 - "Apache pam_access Hostname Spoofing Vulnerability"

2 weeks ago 8
ARTICLE AD BOX
CVE ID : CVE-2024-10963
Published : Nov. 7, 2024, 4:15 p.m. | 24 minutes ago
Description : A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article