CVE-2024-37346 – This vulnerability allows attackers with system... (How to Fix)

Q: What is the severity of CVE-2024-37346?

CVE-2024-37346 has a CVSS score of 4.9 (MEDIUM). This vulnerability allows attackers with system administrator permissions to impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the warehouse over the network. It affects Absolute Secure Access versions prior to 13.06. There is no loss of warehouse integrity or confidentiality.

📋 TL;DR

This vulnerability allows attackers with system administrator permissions to impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the warehouse over the network. It affects Absolute Secure Access versions prior to 13.06. There is no loss of warehouse integrity or confidentiality.

💻 Affected Systems

Products:

Absolute Secure Access

Versions: All versions prior to 13.06

Operating Systems: Not OS-specific

Default Config Vulnerable: ⚠️ Yes

Notes: Requires attacker to have system administrator permissions; affects the Warehouse component specifically.

📦 What is this software?

Secure Access by Absolute

View all CVEs affecting Secure Access →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete unavailability of Secure Access administrative UI components, disrupting administrative operations and monitoring capabilities.

🟠

Likely Case

Partial degradation of administrative UI functionality, requiring administrative intervention to restore normal operations.

🟢

If Mitigated

Minimal impact with proper access controls and monitoring in place to detect and prevent unauthorized administrative actions.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrative credentials; involves writing invalid data to the warehouse component.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 13.06

Vendor Advisory: https://www.absolute.com/platform/security-information/vulnerability-archive/secure-access-1306/cve-2024-37346/

Restart Required: Yes

Instructions:

1. Download Absolute Secure Access version 13.06 from Absolute support portal. 2. Backup current configuration. 3. Install the update following vendor documentation. 4. Restart the Secure Access service. 5. Verify administrative UI functionality.

🔧 Temporary Workarounds

Restrict Administrative Access

all

Limit system administrator permissions to only trusted personnel and implement multi-factor authentication.

Network Segmentation

all

Isolate warehouse component network access to only necessary administrative systems.

🧯 If You Can't Patch

Implement strict access controls and monitoring for administrative accounts.
Deploy network segmentation to limit warehouse component exposure.

🔍 How to Verify

Check if Vulnerable:

Check Secure Access version in administrative UI or via command line: version should be less than 13.06.

Check Version:

Check administrative UI dashboard or vendor-specific CLI command for version information.

Verify Fix Applied:

Verify version is 13.06 or higher in administrative UI and test administrative UI functionality.

📡 Detection & Monitoring

Log Indicators:

Unusual administrative login patterns
Failed warehouse write attempts
Administrative UI error logs

Network Indicators:

Unusual network traffic to warehouse component from administrative systems

SIEM Query:

source="secure_access" AND (event_type="admin_login" OR event_type="warehouse_write") AND status="failed"

📊 Metadata

CVE ID: CVE-2024-37346

CVSS v3 Score: 4.9 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-20

Published: June 20, 2024

Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-37346, you might also want to check these: