5 matches found
CVE-2024-12908
Delinea addressed a reported case on Secret Server v11.7.31 protocol handler version 6.0.3.26 where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfull...
CVE-2024-12908
creationtimestamp| type| source ---|---|--- 2024-12-26 15:46:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113719903362852151 2024-12-26 18:14:44+00:00| seen| https://t.me/cvedetector/13687 2024-12-27 18:51:16+00:00| published-proof-of-concept| https://t.me/ckeArsenal/269 2024-12-28...
CVE-2024-12908
Delinea addressed a reported case on Secret Server v11.7.31 protocol handler version 6.0.3.26 where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfull...
CVE-2024-12908
Delinea Secret Server v11.7.31 (protocol handler 6.0.3.26) is affected by a flaw in the protocol handler where URIs were compared before normalization/canonicalization, enabling potential over-matching against an approved list. This could allow a remote attacker to lure a user to a malicious web ...
CVE-2024-12908
Delinea addressed a reported case on Secret Server v11.7.31 protocol handler version 6.0.3.26 where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfull...