Home

Description

In RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data.

PUBLISHED Reserved 2024-03-01 | Published 2024-11-18 | Updated 2024-11-21 | Assigner mitre

References

community.netwitness.com/.../netwitness-online-documentation

community.netwitness.com/...roken-access-control/ta-p/719454

cve.org (CVE-2024-28058)

nvd.nist.gov (CVE-2024-28058)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.