Privileged Session Hijacking Vulnerability in VMware Enhanced Authentication Plug-in
CVE-2024-22250
Summary
The vulnerability exists in the deprecated VMware Enhanced Authentication Plug-in (EAP), where a session hijack can occur. It allows a malicious actor with unprivileged local access to a Windows operating system to hijack a privileged EAP session initiated by a privileged domain user on the same system. The flaw poses significant risk, since a hijacked session can grant unauthorized access to sensitive operations or data within the affected environment, so remediation is urgent to protect user sessions.
Affected Version(s)
VMware Enhanced Authentication Plug-in (EAP), Windows, all versions
News Articles
VMware issues no-patch advisory for critical flaw in old SSO plugin
The VMware Enhanced Authentication Plug-in risks authentication relay and session hijacking.
11 months ago
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250) - Help Net Security
Vulnerabilities in VMware EAP (CVE-2024-22245, CVE-2024-22250) can be exploited for authentication relay and session hijack attacks.
11 months ago
VMware Urges to Remove Enhanced EAP Plugin to Stop Auth & Session Hijack Attacks
VMware has issued an urgent advisory to administrators to remove a deprecated authentication plugin vulnerable to severe security threats.
11 months ago
Timeline
- First article discovered by BleepingComputer
- Vulnerability published
- Vulnerability reserved