This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise AutoPass License Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 8.0. The following CVEs are assigned: CVE-2024-51768.
More Stories
USN-7171-1: PHPUnit vulnerability
It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this...
USN-7168-1: EditorConfig vulnerabilities
It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use...
dante-1.4.4-1.fc42
FEDORA-2024-e922e33593 Packages in this update: dante-1.4.4-1.fc42 Update description: Automatic update for dante-1.4.4-1.fc42. Changelog * Wed Dec 18 2024 Tim Semeijn...
USN-7159-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7166-2: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7173-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...