Filtered by vendor Cyberark
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31796 | 1 Cyberark | 1 Credential Provider | 2024-08-03 | 7.5 High |
| An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36. | ||||
| CVE-2022-22700 | 1 Cyberark | 1 Identity | 2024-08-03 | 5.3 Medium |
| CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists in the tenant. | ||||