Home / Security updates / Disclosure of CVE-2024-12908
Disclosure of CVE-2024-12908
Security updates detail rendered from /security-updates/upd_6e8077dca9c9d7b3.
Overview
| ID | upd_6e8077dca9c9d7b3 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Delinea |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_6e8077dca9c9d7b3 |
| providerId | safebase |
| organizationId | org_a3ee621a755352d9 |
| trustCenterId | tc_c2a1aa0eb7eda998 |
| title | Disclosure of CVE-2024-12908 |
| message | UPDATED : Upon further analysis of the remediation for [CVE-2024-12908](https://nvd.nist.gov/vuln/detail/cve-2024-12908), a remediation bypass was identified impacting Secret Server Cloud and Secret Server on-prem. Delinea has addressed the bypass in Secret Server on-prem [version 11.9](https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-9-000006.htm) and deployed the fix to Secret Server Cloud. Customers of Secret Server Cloud that utilize protocol handler must update to protocol handler version [6.0.3.38](https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm#TuesdayAugust122025) or later to address this issue. During a customer test of Secret Server, a third party discovered vulnerabilities in the protocol handler function -- which are now disclosed in [CVE-2024-12908](https://nvd.nist.gov/vuln/detail/cve-2024-12908) The third party approached Delinea with their findings and in collaboration with Delinea's Development an |
| url | - |
| publishedAt | 2024-12-26 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a3ee621a755352d9",
"name": "Delinea",
"domains": [
"trust.delinea.com",
"delinea.com"
]
} |
| trust_center | {
"id": "tc_c2a1aa0eb7eda998",
"name": "Delinea",
"url": "https://trust.delinea.com",
"host": "trust.delinea.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_6e8077dca9c9d7b3",
"company": "/v1/companies/org_a3ee621a755352d9",
"trust_center": "/v1/trust-centers/tc_c2a1aa0eb7eda998",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_6e8077dca9c9d7b3JSON