CVE-2022-25625: Support Content Notification
Privilege Escalation Vulnerability in PAM 4.1
Last Updated
26 August 2022
Initial Publication Date
26 August 2022
Summary
Symantec Privileged Access Management (PAM) is susceptible to a privilege escalation vulnerability. When multi-factor authentication (MFA) is enabled, a malicious, unauthorized PAM user can access the PAM configuration endpoints with read and write permissions, endpoints they would not otherwise be authorized to access.
Affected Product(s)
Symantec Privileged Access Management
CVE: CVE-2022-25625
Supported Version(s): 4.1.0, 4.0.0-4.0.3, 3.4.0-3.4.6
Remediation:
- PAM 4.1 customers should apply Hotfix 4.1.0.10.
- PAM 4.0.3 customers should apply Hotfix 4.0.3.01.
- PAM 4.0.2 customers should apply Hotfix 4.0.2.04.
- PAM 4.0.1 customers should apply Hotfix 4.0.1.19.
- PAM 4.0 customers should apply Hotfix 4.0.0.05.
- PAM 3.4.6 customers should apply Hotfix 3.4.6.05.
- PAM 3.4.0-3.4.5 customers can upgrade to a newer release and apply the corresponding hotfix.
Issue Details
CVE-2022-25625
Severity / CVSS v3.1:
Critical / 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H)
References:
NVD: CVE-2022-25625
Impact:
Privilege Escalation
Description:
A malicious unauthorized PAM user can access the administration configuration data and change the values.
References
- Privileged Access Manager Solutions & Patches: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/release-announcements/CA-Privileged-Access-Manager-Solutions–Patches/5929
- Privileged Access Manager Hotfixes: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager-hotfixes/Current.html
Acknowledgements
- CVE-2022-25625 Nikola Kojic, RAS-IT | <www.ras-it.rs>
Revisions
2022-08-26 Initial public release