ByteOS Network

enterprise_password_vault

Source -

NVD

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2019-7442

Assigner-MITRE Corporation

View Details

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-5.56% / 89.91%

7 Day CHG~0.00%

Published-08 May, 2019 | 20:54

Updated-04 Aug, 2024 | 20:46

An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.

Vendor-cyberark n/a

Product-enterprise_password_vault n/a

CWE ID-CWE-611

Improper Restriction of XML External Entity Reference