One Identity Product Security Update Advisory (CVE-2024-45488)

Sep 03 2024

Overview

An update has been released to address vulnerabilities in One Identity Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-45488

One Identity Safeguard versions: ~ 7.0.5.1 LTS (excluded) (VMware, Hyper-V)
One Identity Safeguard versions: ~ 7.4.2 (Excluded) (VMware, Hyper-V)
One Identity Safeguard versions: ~ 7.5.2 (excluded) (VMware, Hyper-V)

Resolved Vulnerabilities

Vulnerability in cookies used by Safeguard for Privileged Passwords at login that could allow an attacker to gain unauthorized access to the system (CVE-2024-45488)

Vulnerability Patches

The following product-specific Vulnerability Patches are available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-45488

One Identity Safeguard version: 7.0.5.1
One Identity Safeguard version: 7.4.2
One Identity Safeguard version: 7.5.2

References

[1] One Identity Safeguard for Privileged Passwords Product Notification

https://support.oneidentity.com/product-notification/noti-00001628

[2] Safeguard for Privileged Passwords Security Vulnerability Notification Defect 460620 (4376740)

https://support.oneidentity.com/kb/4376740/safeguard-for-privileged-passwords-security-vulnerability-notification-defect-460620

One Identity Product Security Update Advisory (CVE-2024-45488)

ManageEngine (Exchange Reporter Plus) Product August 2024 Security Update Advisory

Google Chrome Browser (128.0.6613.119/.120) Security Update Advisory

Tags:

ManageEngine (Exchange Reporter Plus) Product August 2024 Security Update Advisory

Google Chrome Browser (128.0.6613.119/.120) Security Update Advisory