Lucene search

5d1c2695-1a31-4499-88ae-e847036fd7e3NVD:CVE-2024-6593

HistorySep 25, 2024 - 12:15 p.m.

CVE-2024-6593

2024-09-2512:15:05

CWE-863

5d1c2695-1a31-4499-88ae-e847036fd7e3

web.nvd.nist.gov

watchguard

authentication gateway

windows

vulnerability

incorrect authorization

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS

Percentile

9.6%

JSON

Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands.
This issue affects Authentication Gateway: through 12.10.2.

Affected configurations

Nvd

Node

watchguardauthentication_gatewayRange≤12.10.2

VendorProductVersionCPE
watchguardauthentication_gateway*cpe:2.3:a:watchguard:authentication_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
watchguard	authentication_gateway	*	cpe:2.3:a:watchguard:authentication_gateway::::::::

References

www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00015

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS

Percentile

9.6%

JSON

Related for NVD:CVE-2024-6593