CVE-2024-10963: Pam: improper hostname interpretation in pam_access leads to access control bypass

Published Nov 7, 2024
·
Updated

A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.

Other sources

A vulnerability in pamaccess allows unauthorized users to bypass access restrictions by spoofing hostnames. This occurs because pamaccess improperly interprets local access.conf rules to match remote hostnames, compromising configurations intended to restrict local access only. The issue affects all deployments using this configuration method, posing a significant risk to secure environments.

Red Hat

Affected Software

2 affected components
PAM pam_access
IBM Edge Application Manager<=4.5

Event History

Nov 7, 2024
Data Sourced
via Red Hat·07:42 AM
DescriptionSeverityAffected Software
CVE Published
via MITRE·04:02 PM
Data Sourced
via MITRE·04:02 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·04:15 PM
DescriptionSeverityWeakness
Aug 20, 2025
Data Sourced
via IBM·12:00 AM
DescriptionAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-10963?

The severity of CVE-2024-10963 is classified as high due to its potential for unauthorized access.

2

How do I fix CVE-2024-10963?

To fix CVE-2024-10963, you should update the pam_access configuration to prevent misinterpretation of certain rules as hostnames.

3

What systems are affected by CVE-2024-10963?

CVE-2024-10963 affects systems using pam_access with vulnerable configuration settings.

4

What type of vulnerability is CVE-2024-10963?

CVE-2024-10963 is a configuration vulnerability that enables unauthorized access through hostname impersonation.

5

Can CVE-2024-10963 be exploited remotely?

Yes, CVE-2024-10963 can potentially be exploited remotely if an attacker knows how to manipulate the hostname configurations.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203