EUVD-2024-33602

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Flaw in pam_access allows attackers to impersonate trusted hostnames, risking unauthorized access.

Reporter	Title	Published	Views	Family All 126
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2025.	12 Mar 202511:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	12 Nov 202519:08	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server Liberty container shipped with containerized IBM Security Guardium Key Lifecycle Manager 5.0 (GKLM) (CVE-2024-10963)	8 Apr 202509:41	–	ibm
IBM Security Bulletins	Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for April 2025.	5 May 202516:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data are addressed	4 Aug 202512:44	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	17 Apr 202513:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to PAM, go-git and Golang.org/X/Crypto	27 Feb 202503:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Base OS issues	2 Apr 202517:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	6 Aug 202516:10	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "933d517a-8c6c-3fd8-8951-7d5668da4e3e",
        "vendor": {
          "name": "Red Hat"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "001d94b9-f121-3d29-b867-06de79713658",
        "product": {
          "name": "Red Hat OpenShift AI 2.16"
        },
        "product_version": "patch: sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644"
      },
      {
        "id": "277b5074-f610-39e3-b521-cb0403f6bb51",
        "product": {
          "name": "Red Hat OpenShift Container Platform 4.17"
        },
        "product_version": "patch: 417.94.202411261220-0"
      },
      {
        "id": "2e0b3ecd-e32c-3f16-860c-39f306793a5a",
        "product": {
          "name": "Red Hat Enterprise Linux 8"
        },
        "product_version": "patch: 0:1.3.1-36.el8_10"
      },
      {
        "id": "3505fce3-841d-33d4-b8b6-b20cdac3236c",
        "product": {
          "name": "Red Hat Enterprise Linux 9.4 Extended Update Support"
        },
        "product_version": "patch: 0:1.5.1-23.el9_4"
      },
      {
        "id": "b5fc80f4-ccd0-3c61-9390-27fc99fcd532",
        "product": {
          "name": "Red Hat OpenShift Container Platform 4.16"
        },
        "product_version": "patch: 416.94.202411261619-0"
      },
      {
        "id": "f5f4e1d8-aa3d-39e6-94b4-9d90d4d9aeda",
        "product": {
          "name": "Red Hat Enterprise Linux 9"
        },
        "product_version": "patch: 0:1.5.1-22.el9_5"
      }
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2024:10232
access	www.access.redhat.com/errata/RHSA-2024:10244
access	www.access.redhat.com/errata/RHSA-2024:10379
access	www.access.redhat.com/errata/RHSA-2024:10518
access	www.access.redhat.com/errata/RHSA-2024:10528
access	www.access.redhat.com/errata/RHSA-2024:10852
access	www.access.redhat.com/security/cve/CVE-2024-10963
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

03 Oct 2025 20:07Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.4

EPSS0.00567

SSVC