Broken Access Control Vulnerability in RSA NetWitness Platform

CVE-2024-28058

Summary

In RSA NetWitness Platform versions prior to 12.5.1, a serious flaw exists that enables an internal threat actor to circumvent access controls. Even after an administrator revokes a user's access, the system does not fully terminate the user's session, allowing unauthorized access to sensitive data. This vulnerability highlights the importance of robust session management and the need for constant vigilance in safeguarding user permissions.

References