CVE-2024-25649 Information

Description

In Delinea PAM Secret Server 11.4 it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key database credentials (when SQL Server Authentication is enabled) the encryption key of RabbitMQ queue messages and session cookies.

Reference

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25649