CVE-2024-5812

LOW

Beyondtrust Beyondinsight Password Safe < 23.2.0.1293 - Authentication Bypass by Spoofing

Title source: rule

Description

A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request.

References (1)

[Vendor Advisory] https://www.beyondtrust.com/trust-center/security-advisories/bt24-07

Scores

CVSS v3 3.3

EPSS 0.0012

EPSS Percentile 30.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-290

Status published

Products (2)

beyondtrust/beyondinsight_password_safe 24.1

beyondtrust/beyondinsight_password_safe 23.2 - 23.2.0.1293

Published Jun 11, 2024

Tracked Since Feb 18, 2026