Known Vulnerabilities for products from Pam Tacplus Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Pam Tacplus Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-27743 json | libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use o... | 9.8 - CRITICAL | 2020-10-26 | 2020-11-02 |
| CVE-2020-13881 json | In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and j... | 7.5 - HIGH | 2020-06-06 | 2022-04-05 |
| CVE-2016-20014 json | In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure. | 9.8 - CRITICAL | 2022-04-21 | 2022-05-02 |
Known software with vulnerabilities from Pam Tacplus Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pam Tacplus Project | Pam Tacplus | 1.3.8 |