Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:34 a.m.7 views

CVE-2024-10394

A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...

8.4CVSS6.6AI score0.00202EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/01/20 12:0 a.m.10 views

Mageia: Security Advisory (MGASA-2025-0013)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS6.4AI score0.00563EPSS
Exploits0References3
NVD
NVD
added 2024/11/14 8:15 p.m.17 views

CVE-2024-10394

A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...

8.4CVSS0.00202EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/11/14 8:15 p.m.7 views

CVE-2024-10394

A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...

8.4CVSS7.1AI score0.00202EPSS
Exploits0References3
CVE
CVE
added 2024/11/14 7:7 p.m.75 views

CVE-2024-10394

CVE-2024-10394 describes a local vulnerability in OpenAFS where an attacker can bypass the PAG throttling on Unix clients, allowing the creation of a PAG with an existing id and potentially stealing credentials in that PAG. Multiple connected advisories confirm the issue affects OpenAFS and outli...

8.4CVSS5.8AI score0.00202EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/11/14 7:7 p.m.41 views

CVE-2024-10394 Theft of credentials in Unix client PAGs

A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...

8.4CVSS0.00202EPSS
Exploits0References2
Rows per page
Query Builder