CVE-2023-49944

Published: Dec 25, 2023Modified: Nov 21, 2024

6.7

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature.

Affected (1)

Products: Beyondtrust: Privilege Management For Windows

1 product

Privilege Management For Windows

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Beyondtrust Privilege Management For Windows	Before 2023-07-14

References (4)

https://www.beyondtrust.com/security

Source: cve@mitre.org

Vendor Advisory

https://www.beyondtrust.com/trust-center/security-advisories/bt23-08

Source: cve@mitre.org

Vendor Advisory

https://www.beyondtrust.com/security

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.beyondtrust.com/trust-center/security-advisories/bt23-08

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.