CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)

A vulnerability was found in oath-toolkit up to 2.6.11 and classified as critical. This issue affects the function oath_authenticate_usersfile of the file liboath/usersfile.c of the component pam_oath.so. The manipulation leads to symlink following.

The identification of this vulnerability is CVE-2024-47191. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)