BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.
CPE | Name | Operator | Version |
---|---|---|---|
privileged_remote_access | ge | 22.2.1 | |
privileged_remote_access | lt | 22.3.3 |