Unrated severityNVD Advisory· Published Mar 5, 2024· Updated Aug 29, 2024

SAML implementation allows privilege escalation

CVE-2024-2005

Description

In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected.

Blue Planet® has released software updates that address this vulnerability for the affected products. Customers are advised to upgrade their Blue Planet products to the latest software version as soon as possible. The software updates can be downloaded from the Ciena Support Portal.

Affected products

Ciena/Blue Planetllm-create
Range: <=22.12
Blue Planet/Inventory (BPI)v5
Range: early versions
Blue Planet/Orchestration (BPO)v5
Range: early versions
Blue Planet/Route Optimization and Analysis (ROA)v5
Range: early versions
Blue Planet/Unified Assurance and Analytics (UAA)v5
Range: early versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ciena.com/product-securitymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000