CVE-2024-5813

MEDIUM

BeyondInsight Password Safe 23.3-23.3.0.929 - Authenticated SSH Private Key Exposure via Server Response

Title source: llm

Description

A medium-severity vulnerability has been identified in BeyondInsight Password Safe (BIPS): an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.

References (1)

Core 1

Scores

CVSS v3 5.9
EPSS 0.0041
EPSS Percentile 32.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-200
Status published
Products (1)
beyondtrust/beyondinsight_password_safe 23.3 - 23.3.0.929
Published Jun 11, 2024
Tracked Since Feb 18, 2026