PT-2024-5772 · Cyberark · Cyberark Identity Management

Published

2024-08-22

Updated

2024-08-30

CVE-2024-42340

CVSS v2.0

8.7

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:P

Name of the Vulnerable Software and Affected Versions CyberArk (affected versions not specified)

Description The issue is related to the implementation of security functions on the client-side in CyberArk Identity Management, which can be exploited by a remote attacker to elevate their privileges. This is a client-side enforcement of server-side security issue. Unauthenticated attackers can bypass security controls.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-602

Related Identifiers

BDU:2024-06485

CVE-2024-42340

Affected Products

Cyberark Identity Management

PT-2024-5772 · Cyberark · Cyberark Identity Management

CVE-2024-42340

Weakness Enumeration

Related Identifiers

Affected Products

References · 19