VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.
Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.
“A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs),” the company said in an advisory.
Also discovered in the same tool is a session hijack flaw (CVE-2024-22250, CVSS score: 7.8) that could permit a malicious actor with unprivileged local access to a Windows operating system to seize a privileged EAP session.
The Broadcom-owned company said the vulnerabilities will not be addressed, instead recommending users to remove the plugin altogether to mitigate potential threats.
“The Enhanced Authentication Plugin can be removed from client systems using the client operating system’s method of uninstalling software,” it added.
In a related development, several high- and critical-severity vulnerabilities and misconfigurations have been identified in the Apex programming language developed by Salesforce to build business applications.
At the heart of the problem is the ability to run Apex code in “without sharing” mode, which ignores a user’s permissions, thereby allowing malicious actors to read or exfiltrate data, and even provide specially crafted input to alter execution flow.
Source: https://thehackernews.com/
