Security Advisory

CVE-2024-12310

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-23 11:53:28
Last updated 2025-07-23 12:56:51
Assigner NCSC.ch
State PUBLISHED

Description

A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows bypassing the login screen of the shared kiosk workstation and allows unauthorized access to the underlying Windows system through the already logged-in autologon account due to insufficient handling of keyboard shortcuts. This issue affects Imprivata Enterprise Access Management versions 5.3 through 24.2.