VMware Alert: Uninstall EAP Now – Critical Flaw Puts Active Directory at Risk

February 21, 2024

VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.
Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.
“A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying

Tags
February 21, 2024

Related Articles

New Timing Attack Against NPM Registry API Could Expose Private Packages

October 13, 2022

Taking the Risk-Based Approach to Vulnerability Patching

July 27, 2022

Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack

April 4, 2023

New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain

July 16, 2022
© Copyright 2024, All Rights Reserved  |  PlanetJon
Back to top button