18 results (0.005 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option. • https://www.exploit-db.com/exploits/42319 http://lp.cyberark.com/rs/316-CZP-275/images/ds-Viewfinity-102315-web.pdf •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists in the tenant. CyberArk Identity versiones hasta la 22.1 incluyéndola, en el recurso "StartAuthentication", exponen el encabezado de respuesta "X-CFY-TX-TM". En determinadas configuraciones, ese encabezado de respuesta contiene diferentes rangos de valores predecibles que pueden ser usados para determinar si un usuario se presenta en el tenant • https://docs.cyberark.com/Product-Doc/OnlineHelp/Idaptive/Latest/en/Content/ReleaseNotes/ReleaseNotes-Latest.htm https://fluidattacks.com/advisories/porter • CWE-330: Use of Insufficiently Random Values •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a Trojan horse Procmon64.exe in the user's Temp directory. CyberArk Endpoint Privilege Manager (EPM) versiones hasta 11.5.3.328 anteriores a 20-12-2021, permite a un usuario local alcanzar privilegios elevados por medio de un troyano Procmon64.exe en el directorio Temp del usuario • https://docs.cyberark.com/Product-Doc/OnlineHelp/EPM-onprem/Latest/en/Content/Release%20Notes/RN-WhatsNew.htm https://hencohen10.medium.com/cyberark-endpoint-manager-local-privilege-escalation-cve-2021-44049-67cd5e62c3d2 https://www.cyberark.com/ca21-34 https://www.cyberark.com/product-security • CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36. Una vulnerabilidad de cifrado inadecuado detectada en CyberArk Credential Provider versiones anteriores a 12.1, puede conllevar a una Divulgación de Información. Un atacante puede tener, de forma realista, suficiente información como para que el número de claves posibles (para un archivo de credenciales) sea sólo uno, y el número no suele ser superior a 2^36 • http://packetstormsecurity.com/files/164023/CyberArk-Credential-File-Insufficient-Effective-Key-Space.html http://seclists.org/fulldisclosure/2021/Sep/1 https://korelogic.com/Resources/Advisories/KL-001-2021-008.txt https://www.cyberark.com/resources/blog • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. El espacio de claves efectivo usado para cifrar la caché en CyberArk Credential Provider versiones anteriores a 12.1, presenta una entropía baja, y en determinadas condiciones un usuario local malicioso puede obtener el texto plano de los archivos de la caché • http://packetstormsecurity.com/files/164035/CyberArk-Credential-Provider-Local-Cache-Decryption.html http://seclists.org/fulldisclosure/2021/Sep/3 https://korelogic.com/Resources/Advisories/KL-001-2021-010.txt https://www.cyberark.com/resources/blog • CWE-331: Insufficient Entropy •