Cyberark Password Vault vulnerabilities
2 known vulnerabilities affecting cyberark/password_vault.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-9843P2CRITICALCVSS 9.8PoCfixed in 9.9.5≥ 10.0, < 10.12018-04-12
CVE-2018-9843 [CRITICAL] CWE-502 CVE-2018-9843: The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote a
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
nvd
CVE-2018-9842P3MEDIUMCVSS 5.3PoCfixed in 9.72018-04-12
CVE-2018-9842 [MEDIUM] CWE-200 CVE-2018-9842: CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from proc
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.
nvd