Impact
The vulnerability affects Idira Vendor PAM self-hosted connector versions earlier than 1.1.100504: under particular configuration scenarios, TLS certificate validation may not be fully enforced. As a result, an attacker could present a forged or self-signed certificate and potentially perform a man-in-the-middle attack, intercepting or tampering with traffic. This weakness, classified as CWE-295 (Improper Certificate Validation), bypasses the intended cryptographic trust and could lead to unauthorized access or data exposure.
Affected Systems
CyberArk Software's PAM SH Connector in versions prior to 1.1.100504 is affected. The connector is part of the Idira Privilege Cloud Connector suite and may be deployed by organizations using this CyberArk product.
Risk and Exploitability
The CVSS score of 7.5 indicates high severity. The EPSS score is 0.00086, indicating a very low exploitation probability. The issue is not listed in the CISA KEV catalog, so there is no public record of active exploitation in the wild. Given the incomplete certificate validation, the attack vector is inferred to be a man-in-the-middle or similar network-based exploitation.
OpenCVE Enrichment