3a. Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin (CVE-2024-22245)
The VMware Enhanced Authentication Plug-in (EAP) contains an Arbitrary Authentication Relay vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.6.
3b. Session Hijack Vulnerability in Deprecated EAP Browser Plugin (CVE-2024-22250)
The VMware Enhanced Authentication Plug-in (EAP) contains a Session Hijack vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
CPE | Name | Operator | Version |
---|---|---|---|
vmware enhanced authentication plug-in (eap) | eq | Any |