PT-2019-9072 · Cyberark · Cyberark Endpoint Privilege Manager

Alpcan Onaran

+1

·

Published

2019-04-09

·

Updated

2019-10-03

·

CVE-2018-14894

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions CyberArk Endpoint Privilege Manager versions 10.2.1.603 and earlier
Description The issue allows an attacker who can edit file permissions to bypass access restrictions and execute blocked applications.
Recommendations For versions 10.2.1.603 and earlier, update to a version later than 10.2.1.603 to resolve the issue.

Exploit

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2018-14894

Affected Products

Cyberark Endpoint Privilege Manager