CVE-2024-45488

CRITICAL NUCLEI

One Identity Safeguard for Privileged Passwords <7.5.2 - Info Discl...

Title source: llm

Exploitation Summary

CVE-2024-45488 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations (VMware or HyperV). The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2.

Nuclei Templates (1)

SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass

CRITICALVERIFIEDby iamnoooob,rootxharsh,pdresearch

Shodan: html:"Safeguard for Privileged Passwords"

References (2)

Core 2

Core References

Various Sources

https://support.oneidentity.com/kb/4376740/safeguard-for-privileged-passwords-security-vulnerability-notification-defect-460620

Various Sources

https://support.oneidentity.com/product-notification/noti-00001628

Scores

CVSS v3 9.8

EPSS 0.5017

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

Status published

Published Aug 30, 2024

Tracked Since Feb 18, 2026