CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6594 – WatchGuard Firebox Single Sign-On Client Denial-of-Service
https://notcve.org/view.php?id=CVE-2024-6594
25 Sep 2024 — Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single Sign-On service by repeatedly issuing malformed commands. This issue affects Single Sign-On Client: through 12.7. • https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00016 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.4EPSS: 2%CPEs: 3EXPL: 1CVE-2024-6592 – WatchGuard Firebox Single Sign-On Agent Protocol Authorization Bypass
https://notcve.org/view.php?id=CVE-2024-6592
25 Sep 2024 — Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. • https://github.com/RedTeamPentesting/watchguard-sso-client • CWE-863: Incorrect Authorization •