HPE has released a security bulletin about a flaw in its IceWall product, CVE-2024-11856, which could let a remote attacker modify data without authorization.
HPE IceWall Flaw
CVE-2024-11856 stems from a flaw in how the affected IceWall certd modules handle failed password attempts: the intended limit on unsuccessful login attempts is not enforced, so it can be bypassed.
An attacker could therefore keep guessing credentials without being locked out and, on guessing correctly, gain access and modify data without proper authorization.
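To make the failure mode concrete, here is an added example (not IceWall code, and not HPE's fix) of what "enforcing the limit on unsuccessful login attempts" has to look like, plus a detector that flags the guessing bursts an unenforced limit would permit. The log format, the sample lines, the `LoginGuard` class and the threshold values are all assumptions constructed for this example. The point the guard demonstrates is that the lockout check must run before the password is verified, so that a correct guess made during a lockout is still refused.

```python
import re
from collections import defaultdict, deque

# Hypothetical log format constructed for this example (not IceWall's real certd log format).
LOG_RE = re.compile(
    r"^(?P<ts>\d+) (?P<result>LOGIN_OK|LOGIN_FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample input: six rapid failures for "alice" then a success, and two
# isolated failures for "bob" far apart in time.
SAMPLE_LOG = """\
1000 LOGIN_FAIL user=alice src=203.0.113.5
1003 LOGIN_FAIL user=alice src=203.0.113.5
1006 LOGIN_FAIL user=alice src=203.0.113.5
1009 LOGIN_FAIL user=alice src=203.0.113.5
1012 LOGIN_FAIL user=alice src=203.0.113.5
1015 LOGIN_FAIL user=alice src=203.0.113.5
1020 LOGIN_OK user=alice src=203.0.113.5
1030 LOGIN_FAIL user=bob src=198.51.100.7
1900 LOGIN_FAIL user=bob src=198.51.100.7
"""


def parse_log(text):
    """Parse log lines into (timestamp, result, user, src) tuples; unparseable lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            events.append((int(m["ts"]), m["result"], m["user"], m["src"]))
    return events


def detect_bruteforce(events, threshold=5, window=300):
    """Detection side: for each (user, src) pair, track the peak number of failures seen
    inside any `window`-second span and report the pairs that reach `threshold`."""
    recent = defaultdict(deque)
    peak = defaultdict(int)
    for ts, result, user, src in sorted(events):
        if result != "LOGIN_FAIL":
            continue
        q = recent[(user, src)]
        q.append(ts)
        while q and ts - q[0] > window:      # slide the window forward
            q.popleft()
        peak[(user, src)] = max(peak[(user, src)], len(q))
    return {k: v for k, v in peak.items() if v >= threshold}


class LoginGuard:
    """Enforcement side: per-account failure counter with a lockout that is checked
    before the credential itself is evaluated (hypothetical, illustrative only)."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self._failures = defaultdict(deque)   # user -> timestamps of recent failures
        self._locked_until = {}               # user -> time the lockout expires

    def attempt(self, user, password_ok, now):
        """Return "LOCKED", "OK" or "FAIL" for one login attempt at time `now`."""
        if self._locked_until.get(user, 0) > now:
            return "LOCKED"                   # refused even if the password is correct
        q = self._failures[user]
        while q and now - q[0] > self.window:
            q.popleft()
        if password_ok:
            q.clear()                         # a legitimate login resets the counter
            return "OK"
        q.append(now)
        if len(q) >= self.max_failures:       # limit reached: lock the account
            self._locked_until[user] = now + self.lockout
            q.clear()
            return "LOCKED"
        return "FAIL"


def replay(events, guard=None):
    """Feed parsed events through a LoginGuard and return the outcome of each attempt."""
    guard = guard or LoginGuard()
    return [guard.attempt(user, result == "LOGIN_OK", ts)
            for ts, result, user, src in sorted(events)]


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    print("bursts:", detect_bruteforce(evts))
    print("outcomes:", replay(evts))
```

With the sample input, the detector reports only the alice/203.0.113.5 pair, and the guard locks alice on the fifth failure so that the correct password at timestamp 1020 is still refused; bob's two failures fall outside a single window and never trigger either. The same detector can be run over real authentication logs once the regular expression is adapted to their format.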
HPE has assigned the vulnerability a CVSS v3.1 base score of 3.7, which falls in the Low severity band (0.1 to 3.9). The issue can nonetheless be exploited over the network without physical access or user interaction, so it remains relevant to enterprise environments that rely on IceWall for authentication.
HPE has released patches to fix the issue, and users should apply them immediately. The patches include:
- IceWall Gen11 certd Patch Release 14 for RHEL 7, 8, and 9
- IceWall Gen11 certd Patch Release 14 for Windows
- IceWall SSO 10.0 certd Patch Release 10 for HP-UX
The affected IceWall modules and versions are:
- IceWall Gen11 Enterprise Edition certd for RHEL 7, 8, 9 and Windows
- IceWall Gen11 Standard Edition certd for RHEL 7, 8, 9 and Windows
- IceWall SSO 10.0 certd for HP-UX
Users should contact HPE Services support for help with these security updates. Organizations using affected IceWall products should apply the patches promptly to prevent unauthorized data changes.