CVE-2024-7050
published 2024-07-26CVE-2024-7050: Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi-factor Authentication Bypass in particular scenarios.This issue…
PriorityP348high8.3CVSS 4.0
AVNACLATNPRNUIAVCLVINVAHSCHSILSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSNAUNRAVDREMUAmber
EPSS
0.57%
43.0th percentile
Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi-factor Authentication Bypass in particular scenarios.This issue affects OpenText Directory Services: 24.2.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opentext | opentext_directory_services | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
bugzilla·2024-12-18·CVSS 5.6
CVE-2024-12747 [MEDIUM] CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
This vulnerability stems from a race condition in rsync's handling of symbolic links. By exploiting timing differences, an attacker can bypass the expected behavior of skipping symbolic links during file synchronization. This flaw becomes critical in scenarios where rsync runs with elevated privileges, as it can inadvertently expose sensitive files to unprivileged users, potentially leading to privilege escalation.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2025:2600 https://access.redhat.com/errata/RHSA-2025:2600
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:7050 https://access.redhat.com/errata
Bugzilla
CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
bugzilla·2024-12-05·CVSS 7.5
CVE-2024-12088 [HIGH] CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
rsync --safe-links options fail to verify whether a symbolic link destination contains another symbolic link with it leading to a path traversal vulnerability
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2025:2600 https://access.redhat.com/errata/RHSA-2025:2600
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:7050 https://access.redhat.com/errata/RHSA-2025:7050
2024-07-26
Published