PT-2019-9072 · Cyberark · Cyberark Endpoint Privilege Manager

Alpcan Onaran

+1

·

Publicado

2019-04-09

·

Atualizado

2019-10-03

·

CVE-2018-14894

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions CyberArk Endpoint Privilege Manager versions 10.2.1.603 and earlier
Description The issue allows an attacker who can edit file permissions to bypass access restrictions and execute blocked applications.
Recommendations For versions 10.2.1.603 and earlier, update to a version later than 10.2.1.603 to resolve the issue.

Exploit

Correção

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-269

Identificadores relacionados

CVE-2018-14894

Produtos afetados

Cyberark Endpoint Privilege Manager