Improper Initialization

CVE-2024-36455

High

9.4/10

Summary

An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.

Attack Complexity: LOW
Attack Vector: ADJACENT
User Interaction: NONE
Privileges Required: NONE

CWE-665 - Improper Initialization

The software does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

References

Advisory Timeline

Published Jul 15, 2024

Improper Initialization

CVE-2024-36455

Summary

CWE-665 - Improper Initialization

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS