Privilege Escalation Vulnerability in PAM 4.1

CA Privileged Access Manager (PAM)

20850

26 August 2022

26 August 2022

CLOSED

CRITICAL

9.9

Summary

Symantec Privileged Access Management (PAM) is susceptible to a privilege escalation vulnerability. When multi-factor authentication (MFA) is enabled, a malicious, unauthorized PAM user can reach the PAM configuration endpoints with read and write permissions that they would not otherwise be authorized to have.

Affected Product(s)

Symantec Privileged Access Management

CVE: CVE-2022-25625
Supported Version(s): 4.1.0; 4.0.0-4.0.3; 3.4.0-3.4.6
Remediation:
PAM 4.1 customers should apply Hotfix 4.1.0.10.
PAM 4.0.3 customers should apply Hotfix 4.0.3.01.
PAM 4.0.2 customers should apply Hotfix 4.0.2.04.
PAM 4.0.1 customers should apply Hotfix 4.0.1.19.
PAM 4.0 customers should apply Hotfix 4.0.0.05.
PAM 3.4.6 customers should apply Hotfix 3.4.6.05. PAM 3.4.0-3.4.5 customers can upgrade to a newer release and apply the corresponding hotfix.

Issue Details

CVE-2022-25625
Severity / CVSS v3.1: Critical / 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H)
References: NVD: CVE-2022-25625
Impact: Privilege Escalation
Description: A malicious unauthorized PAM user can access the administration configuration data and change the values.

References

Acknowledgements

  • CVE-2022-25625 Nikola Kojic, RAS-IT | <www.ras-it.rs>

Revisions

2022-08-26 Initial public release