What is the severity of CVE-2024-10963?

The severity of CVE-2024-10963 is classified as high due to its potential for unauthorized access.

How do I fix CVE-2024-10963?

To fix CVE-2024-10963, you should update the pam_access configuration to prevent misinterpretation of certain rules as hostnames.

What systems are affected by CVE-2024-10963?

CVE-2024-10963 affects systems using pam_access with vulnerable configuration settings.

What type of vulnerability is CVE-2024-10963?

CVE-2024-10963 is a configuration vulnerability that enables unauthorized access through hostname impersonation.

Can CVE-2024-10963 be exploited remotely?

Yes, CVE-2024-10963 can potentially be exploited remotely if an attacker knows how to manipulate the hostname configurations.

Vulnerability/
CVE-2024-10963

high

7.4

CWE

287

7/11/2024

11/4/2025

CVE-2024-10963: Pam: improper hostname interpretation in pam_access leads to access control bypass

First published: Thu Nov 07 2024(Updated: )

A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Pam pam_access

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-10963?
The severity of CVE-2024-10963 is classified as high due to its potential for unauthorized access.
How do I fix CVE-2024-10963?
To fix CVE-2024-10963, you should update the pam_access configuration to prevent misinterpretation of certain rules as hostnames.
What systems are affected by CVE-2024-10963?
CVE-2024-10963 affects systems using pam_access with vulnerable configuration settings.
What type of vulnerability is CVE-2024-10963?
CVE-2024-10963 is a configuration vulnerability that enables unauthorized access through hostname impersonation.
Can CVE-2024-10963 be exploited remotely?
Yes, CVE-2024-10963 can potentially be exploited remotely if an attacker knows how to manipulate the hostname configurations.

agent/title
agent/weakness
agent/type
agent/first-publish-date
agent/author
agent/event
agent/severity
agent/description
agent/trending
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2024-10963
agent/source
collector/mitre-cve
source/MITRE
agent/references
collector/nvd-api
source/NVD
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
vendor/pam
canonical/pam pam_access

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.