PT-2024-37205 · Delinea · Delinea Centrify Pas
Vladas Bulavas · Published 2024-07-02 · Updated 2024-08-29 · CVE-2024-5866
CVSS v3.1: 5.0 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Delinea Centrify PAS versions prior to 23.1-HF7
Description:
The web application is prone to directory traversal: a path traversal vulnerability allows listing of arbitrary directories outside the web application's root directory.
Recommendations:
Update versions prior to 23.1-HF7 to version 23.1-HF7 or later, which contains the patch for this issue. As a temporary workaround, consider restricting access to sensitive directories to minimize the risk of exploitation.
Fix
Path traversal
Affected Products
Delinea Centrify Pas