Héctor De Armas Padrón

**Name of the Vulnerable Software and Affected Versions** Delinea Secret Server versions 10.9.000002 through 11.4.000002 **Description** The issue allows an authenticated user with administrative privileges to create a backup file in the application's webroot directory by changing the default backup directory to the wwwroot folder. This enables the user to download the backup file along with certain configuration files, including `encryption.config` and `database.config`, which are stored in the wwwroot directory. As a result, database credentials are exposed in plain text. **Recommendations** For versions 10.9.000002 and 11.4.000002, consider restricting access to the backup functionality and the wwwroot directory to prevent unauthorized downloads of sensitive configuration files. Additionally, as a temporary workaround, consider disabling the ability to change the default backup directory to the wwwroot folder until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Delinea Secret Server version 10.9.000002 **Description** The issue is related to insufficient verification of data authenticity in the software update process. An attacker with an administrator account could exploit this by performing software updates without proper integrity verification mechanisms, allowing them to inject malicious applications during the update. The update process lacks digital signatures and fails to validate the integrity of the update package. **Recommendations** For Delinea Secret Server version 10.9.000002, consider disabling the software update feature until a patch is available to prevent potential exploitation. Restrict access to the update mechanism to minimize the risk of malicious application injection. Avoid using the update process until the issue is resolved with proper integrity verification mechanisms in place. At the moment, there is no information about a newer version that contains a fix for this vulnerability.