CVE-2024-36456

Severity CVSS v4.0:

Pending analysis

Type:

CWE-94 Code Injection

Publication date:

15/07/2024

Last modified:

01/08/2024

Description

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

Impact

References to Advisories, Solutions, and Tools

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678