Description
Idira Vendor PAM - Self-Hosted Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17
Published: 2026-06-12
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability involves Idira Vendor PAM self‑hosted connector versions earlier than 1.1.100504, where, under particular configuration scenarios, TLS certificate validation may not be fully enforced. As a result, an attacker could present a forged or self‑signed certificate and potentially perform a man‑in‑the‑middle attack, intercepting or tampering with traffic. This weakness, classified as CWE‑295, allows bypassing the intended cryptographic trust and could lead to unauthorized access or data exposure.

Affected Systems

CyberArk Software’s PAM SH Connector, versions prior to 1.1.100504, are affected. The connector is part of the Idira Privilege Cloud Connector suite and may be deployed by organizations using this CyberArk product.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity. The EPSS score is 0.00086, indicating a very low exploitation probability. Because the issue is not listed in the CISA KEV catalog, the vulnerability is not known to be actively exploited in the wild. The attack vector is inferred to involve a man‑in‑the‑middle or similar network‑based exploitation due to the lack of full certificate validation.

Generated by OpenCVE AI on June 24, 2026 at 10:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the PAM SH Connector to version 1.1.100504 or later where TLS certificate validation is fully enforced.
  • Validate that configuration settings force strict certificate verification and disable any options that allow self‑signed or untrusted certificates.
  • Review network traffic for signs of interception or unexpected TLS handshakes, and remediate any discovered anomalies.
  • Consult CyberArk’s Security Bulletin CA26‑17 for detailed guidance and any additional patches.

Generated by OpenCVE AI on June 24, 2026 at 10:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
History

Tue, 23 Jun 2026 19:45:00 +0000

Type Values Removed Values Added
Description Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17 Idira Vendor PAM - Self-Hosted Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17
Title Idira Privilege Cloud Connector: Potential Security Bypass due to Incomplete TLS Certificate Validation Idira Vendor PAM - Self-Hosted Connector: Potential Security Bypass due to Incomplete TLS Certificate Validation
First Time appeared Cyberark Software A Palo Alto Networks Company vendor Pam
CPEs cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_sh_connector:*:*:*:*:*:*:*:* cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:vendor_pam:*:*:*:*:*:*:*:*
Vendors & Products Cyberark Software A Palo Alto Networks Company pam Sh Connector
Cyberark Software A Palo Alto Networks Company vendor Pam

Fri, 12 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
First Time appeared Cyberark
Cyberark pam Sh Connector
Vendors & Products Cyberark
Cyberark pam Sh Connector

Fri, 12 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 12 Jun 2026 01:30:00 +0000

Type Values Removed Values Added
Description Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17
Title Idira Privilege Cloud Connector: Potential Security Bypass due to Incomplete TLS Certificate Validation
First Time appeared Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company pam Sh Connector
Weaknesses CWE-295
CPEs cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_sh_connector:*:*:*:*:*:*:*:*
Vendors & Products Cyberark Software A Palo Alto Networks Company
Cyberark Software A Palo Alto Networks Company pam Sh Connector
References
Metrics cvssV4_0

{'score': 7.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber'}


Subscriptions

Cyberark Pam Sh Connector
Cyberark Software A Palo Alto Networks Company Vendor Pam
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-06-23T19:11:56.985Z

Reserved: 2026-05-08T23:00:57.503Z

Link: CVE-2026-45170

cve-icon Vulnrichment

Updated: 2026-06-12T13:36:15.604Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-12T02:16:42.233

Modified: 2026-06-12T15:30:26.567

Link: CVE-2026-45170

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-24T10:45:03Z

Weaknesses
  • CWE-295

    Improper Certificate Validation