Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Credential Provider Security Vulnerabilities

cve
cve

CVE-2021-31796

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than...

7.5CVSS

7.3AI Score

0.005EPSS

2021-09-02 01:15 AM
36
cve
cve

CVE-2021-31798

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache...

4.4CVSS

4.5AI Score

0.0004EPSS

2021-09-02 01:15 AM
32
cve
cve

CVE-2021-31797

The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password...

5.1CVSS

5.1AI Score

0.001EPSS

2021-09-02 12:15 AM
25