CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38493

A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.9%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2024-38493

Broadcom » Symantec Privileged Access Management » Version: 4.1.0

cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0
Broadcom » Symantec Privileged Access Management » Version: 4.1.0.0

cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0.0
Broadcom » Symantec Privileged Access Management » Version: 4.1.0.10

cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0.10
Broadcom » Symantec Privileged Access Management » Version: 4.1.7

cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-38493

Products

Pricing

Contact Us