Privilege Escalation Vulnerability in PAM 4.1
20850
26 August 2022
26 August 2022
CLOSED
CRITICAL
9.9
Summary
Symantec Privileged Access Management (PAM) is susceptible to a privilege escalation vulnerability. When multi-factor authentication (MFA) is enabled, a malicious, unauthorized PAM user can access the PAM configuration endpoints with read and write permissions, even though they would not otherwise be authorized to access them.
Affected Product(s)
Symantec Privileged Access Management

| CVE | Supported Version(s) | Remediation |
|---|---|---|
| CVE-2022-25625 | 4.1.0; 4.0.0-4.0.3; 3.4.0-3.4.6 | PAM 4.1 customers should apply Hotfix 4.1.0.10. PAM 4.0.3 customers should apply Hotfix 4.0.3.01. PAM 4.0.2 customers should apply Hotfix 4.0.2.04. PAM 4.0.1 customers should apply Hotfix 4.0.1.19. PAM 4.0 customers should apply Hotfix 4.0.0.05. PAM 3.4.6 customers should apply Hotfix 3.4.6.05. PAM 3.4.0-3.4.5 customers can upgrade to a newer release and apply the corresponding hotfix. |
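The remediation column above is awkward to apply by hand across a fleet, so the following triage helper, added here as an example and not Broadcom tooling, encodes the advisory's affected ranges and hotfix mapping and classifies a reported PAM version string. It assumes (not stated in the advisory) that a build already carrying a hotfix reports a four-component version "major.minor.patch.hotfix", for example "4.1.0.10" for 4.1.0 with Hotfix 4.1.0.10; how a real deployment exposes its version is outside what the page covers.

```python
"""Triage helper for CVE-2022-25625 in Symantec PAM.

Given a PAM version string, decide whether it falls in a range the advisory
lists as affected and which remediation applies. Added example, not the
vendor's code. ASSUMPTION: a hotfixed build is reported as a four-component
version "major.minor.patch.hotfix" (e.g. "4.1.0.10"); two- or three-component
strings ("4.1", "4.0.3") are treated as the base release with no hotfix.
"""
from __future__ import annotations

from dataclasses import dataclass

CVE = "CVE-2022-25625"

# Affected release -> required hotfix label, exactly as listed in the advisory.
# Releases 3.4.0-3.4.5 have no hotfix of their own: the advisory says to
# upgrade to a newer release and apply its corresponding hotfix.
HOTFIX_BY_RELEASE = {
    (4, 1, 0): "4.1.0.10",
    (4, 0, 3): "4.0.3.01",
    (4, 0, 2): "4.0.2.04",
    (4, 0, 1): "4.0.1.19",
    (4, 0, 0): "4.0.0.05",
    (3, 4, 6): "3.4.6.05",
}

# Inclusive affected ranges from the "Supported Version(s)" column.
AFFECTED_RANGES = [
    ((4, 1, 0), (4, 1, 0)),
    ((4, 0, 0), (4, 0, 3)),
    ((3, 4, 0), (3, 4, 6)),
]


def parse_version(text: str) -> tuple[tuple[int, int, int], int | None]:
    """Split a version string into (base release, hotfix level or None).

    Accepts 2 to 4 dotted numeric components; missing release components are
    padded with zeros so "4.1" means 4.1.0. Anything else is rejected rather
    than silently classified, so inventory data with odd formatting surfaces.
    """
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised PAM version string: {text!r}")
    nums = [int(p) for p in parts]
    hotfix = nums.pop() if len(nums) == 4 else None
    while len(nums) < 3:
        nums.append(0)
    return (nums[0], nums[1], nums[2]), hotfix


@dataclass(frozen=True)
class Triage:
    version: str
    affected: bool
    action: str


def triage(text: str) -> Triage:
    """Classify one reported version against the advisory's remediation table."""
    release, hotfix = parse_version(text)
    if not any(lo <= release <= hi for lo, hi in AFFECTED_RANGES):
        return Triage(text, False, "release not listed as affected by the advisory")

    required = HOTFIX_BY_RELEASE.get(release)
    if required is None:
        # 3.4.0-3.4.5: no dedicated hotfix exists for these releases.
        return Triage(text, True, "upgrade to a newer release and apply its corresponding hotfix")

    # Hotfix level is the last component of the advisory's label ("01" -> 1).
    required_level = int(required.rsplit(".", 1)[1])
    if hotfix is not None and hotfix >= required_level:
        return Triage(text, False, f"Hotfix {required} (or later) already applied")
    return Triage(text, True, f"apply Hotfix {required}")


if __name__ == "__main__":
    # Constructed sample inventory, not real deployment data.
    for reported in ["4.1", "4.1.0.10", "4.0.3", "4.0.3.01", "3.4.2", "3.4.6", "4.2.0"]:
        result = triage(reported)
        print(f"{reported:>10}  affected={result.affected!s:5}  {result.action}")
```

Run on a list of reported versions, this prints one line per host; anything marked `affected=True` needs the listed hotfix or upgrade, and an unparseable string raises rather than being quietly counted as safe.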
Issue Details
| CVE-2022-25625 | |
|---|---|
| Severity / CVSS v3.1 | Critical / 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H) |
| References | NVD: CVE-2022-25625 |
| Impact | Privilege Escalation |
| Description | A malicious, unauthorized PAM user can access the administration configuration data and change its values. |
References
- Privileged Access Manager Solutions & Patches: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/release-announcements/CA-Privileged-Access-Manager-Solutions--Patches/5929
- Privileged Access Manager Hotfixes: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager-hotfixes/Current.html
Acknowledgements
- CVE-2022-25625: Nikola Kojic, RAS-IT (www.ras-it.rs)
Revisions
2022-08-26 Initial public release