Delinea · Delinea Centrify PAS · CVE-2024-5866
Name of the Vulnerable Software and Affected Versions:
Delinea Centrify PAS versions prior to 23.1-HF7
Description:
The application is prone to a path traversal (directory traversal) vulnerability that allows the listing of arbitrary directories outside the root directory of the web application.
Recommendations:
Update installations running versions prior to 23.1-HF7 to version 23.1-HF7 or later to apply the patch and resolve the issue. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.