CVE-2024-25650

CVE-2024-25650 describes an insecure key exchange between Delinea PAM Secret Server 11.4 and Distributed Engine 8.4.3, where a PAM administrator can obtain the Symmetric Key used to encrypt RabbitMQ messages by crafting payloads to the REST endpoints “/pre-authenticate”, “/authenticate”, and “/ex...