Shahar Tal

**Name of the Vulnerable Software and Affected Versions** Conjur OSS versions 1.19.5 through 1.21.1 Secrets Manager, Self-Hosted versions 13.1 through 13.4.1 **Description** Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who can inject secrets or templates into the Secrets Manager, Self-Hosted database could exploit an exposed API endpoint to execute arbitrary Ruby code within the Secrets Manager process. This issue affects both Secrets Manager, Self-Hosted and Conjur OSS. **Recommendations** Update Conjur OSS to version 1.21.2 or later. Update Secrets Manager, Self-Hosted to version 13.5 or later.

**Name of the Vulnerable Software and Affected Versions** Conjur Secrets Manager, Self-Hosted versions prior to 13.5.1 and 13.6.1 Conjur OSS versions prior to 1.22.1 **Description** Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who is able to load policy can use the policy YAML parser to reference files on the Secrets Manager, Self-Hosted server. These references may be used for reconnaissance to understand the folder structure of the Secrets Manager/Conjur server or to have the YAML parser include files on the server in the YAML that is processed when the policy loads. **Recommendations** Upgrade Conjur Secrets Manager, Self-Hosted to version 13.5.1 or 13.6.1. Upgrade Conjur OSS to version 1.22.1.

**Name of the Vulnerable Software and Affected Versions** CyberArk Secrets Manager, Self-Hosted versions prior to 13.5.1 and 13.6.1 Conjur OSS versions prior to 1.22.1 **Description** An attacker with access to a misconfigured network device routing traffic from Secrets Manager to AWS can redirect authentication requests to a malicious server under their control. CyberArk believes that very few installations are susceptible to active exploitation. **Recommendations** Update CyberArk Secrets Manager, Self-Hosted to version 13.5.1 or 13.6.1. Update Conjur OSS to version 1.22.1.

**Name of the Vulnerable Software and Affected Versions** Conjur OSS versions 1.19.5 through 1.22.0 Secrets Manager, Self-Hosted versions 13.1 through 13.6 **Description** Conjur provides secrets management and application identity for infrastructure. A malformed regular expression allows an attacker manipulating headers signed by AWS to redirect the authentication validation request sent by Secrets Manager, Self-Hosted to a malicious server. This redirection could bypass the IAM Authenticator, granting the attacker permissions granted to the client whose request was manipulated. **Recommendations** Conjur OSS version 1.22.1 or later Secrets Manager, Self-Hosted version 13.5.1 or later Secrets Manager, Self-Hosted version 13.6.1 or later

**Name of the Vulnerable Software and Affected Versions** Conjur Secrets Manager, Self-Hosted versions prior to 13.5.1 and 13.6.1 Conjur OSS versions prior to 1.22.1 **Description** Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attackers to inject resources into the database and bypass permission checks. **Recommendations** Update Conjur Secrets Manager, Self-Hosted to version 13.5.1 or 13.6.1. Update Conjur OSS to version 1.22.1.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 4.3.1 **Description** The issue allows remote authenticated users to bypass intended access restrictions. This can lead to a private post being published and made sticky. **Recommendations** For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 4.3.1 **Description** A cross-site scripting (XSS) issue exists due to the mishandling of unclosed HTML elements during processing of shortcode tags, allowing remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.