CVE-2018-14894 – CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2018-14894
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. CyberArk Endpoint Privilege Manager 10.2.1.603 y anteriores permite a un atacantes (capaz de editar los permisos de un fichero) eludir las restricciones de acceso previstas y ejecutar aplicaciones bloqueadas. CyberArk EPM version 10.2.1.603 suffers from a security restrictions bypass vulnerability. • https://www.exploit-db.com/exploits/46688 http://packetstormsecurity.com/files/152489/CyberArk-EPM-10.2.1.603-Security-Restrictions-Bypass.html https://mustafakemalcan.com/cyberark-epm-file-block-bypass-cve-2018-14894 https://www.youtube.com/watch?v=B0VpK0poTco • CWE-269: Improper Privilege Management •
CVE-2019-9627
https://notcve.org/view.php?id=CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a DLL, with a long path. Un desbordamiento de búfer en el controlador del kernel CybKernelTracker.sys en CyberArk Endpoint Privilege Manager, en versiones anteriores a la 10.7, permite a un atacante (sin permisos del administrador) escalar privilegios o cerrar la máquina cargando una imagen, como puede ser un DLL, con una ruta larga. • http://www.securityfocus.com/bid/107387 http://www.securityfocus.com/bid/107852 https://www.nccgroup.trust/us/our-research/technical-advisory-cyberark-epm-non-paged-pool-buffer-overflow • CWE-787: Out-of-bounds Write •
CVE-2018-12903
https://notcve.org/view.php?id=CVE-2018-12903
In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard. En CyberArk Endpoint Privilege Manager (antiguamente Viewfinity) 10.2.1.603, existe Cross-Site Scripting (XSS) mediante un nombre de cuenta en la pantalla "create token", la pantalla "SelectAccounts->DisplayName" de VfManager.asmx, los grupos de un usuario en ConfigurationPage, el campo Dialog Title y App Group Name en el asistente de Application Group.. • http://code610.blogspot.com/2018/06/exploiting-cyberark-1021603.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •