Vulnerability Details CVE-2023-23632
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. The secret verification process in BYOT shell jump sessions is flawed: attackers can gain unauthorized access to jump items by guessing only the first character of the secret.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.4%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2023-23632
- cpe:2.3:a:beyondtrust:privileged_remote_access:22.2.1
- cpe:2.3:a:beyondtrust:privileged_remote_access:22.2.2
- cpe:2.3:a:beyondtrust:privileged_remote_access:22.3.1
- cpe:2.3:a:beyondtrust:privileged_remote_access:22.3.2