VMware Alert: Uninstall EAP Now – Critical Flaw Puts Active Directory at Risk

VMware Alert: Uninstall EAP Now – Critical Flaw Puts Active Directory at Risk


Feb 21, 2024NewsroomActive Directory / Vulnerability

VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw.

Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.

“A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory…



Source link