Lucene search
Hive ProHIVEPRO:1044185C2CFF901B1C9D841999093B0DHistoryFeb 21, 2024 - 2:17 p.m.
Admins Urged to Uninstall VMware EAP Amid Critical Flaws
2024-02-2114:17:57
Hive Pro
www.hivepro.com
13
vmware
administrators
uninstallation
critical flaws
windows domain
session hijacking
authentication relay attacks
eap
Summary: VMware has issued a warning to administrators regarding two unaddressed security vulnerabilities necessitating the removal of an outdated authentication plugin. Identified as CVE-2024-22245 and CVE-2024-22250, these vulnerabilities enable session hijacking and authentication relay attacks targeting the VMware Enhanced Authentication Plug-in (EAP) within Windows domain environments. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
vmware
vmware
pentestpartners
pentestpartners
No fix KrbRelay VMware style
2024-02-21 06:50:52
f5
f5
K000139491 : VMware EAP vulnerabilities CVE-2024-22245 and CVE-2024-22250
2024-05-02 00:00:00
thn
thn
cvelist
cvelist
prion
prion
Authentication flaw
2024-02-20 18:15:00
Session fixation
2024-02-20 18:15:00
nvd
nvd
CVE-2024-22245
2024-02-20 18:15:51
CVE-2024-22250
2024-02-20 18:15:51
cve
cve
CVE-2024-22250
2024-02-20 18:15:51
CVE-2024-22245
2024-02-20 18:15:51
7.7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%
Related for HIVEPRO:1044185C2CFF901B1C9D841999093B0D