4 matches found
CVE-2021-31796
creationtimestamp| type| source ---|---|--- 2021-09-02 07:35:45+00:00| seen| https://t.me/cibsecurity/28204 2021-10-11 18:03:06+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/675...
CVE-2021-31796
CVE-2021-31796 affects CyberArk Credential Provider before v12.1, where an inadequate encryption scheme (AES-256-CBC with a custom key-derivation using environmental fields) can shrink the effective key space to as little as 2^36 in realistic scenarios, enabling potential information disclosure f...
CyberArk Credential File Insufficient Effective Key Space
Vulnerability Details Affected Vendor: CyberArk Affected Product: Application Access Manager/Credential Provider Affected Version: Prior to 12.1 Platform: Linux/Windows/zOS CWE Classification: CWE-326: Inadequate Encryption Strength CVE ID: CVE-2021-31796 2. Vulnerability Description CyberArk...
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Cyberark Credential_Provider
C-Ark Credential Decoder Exploit tool for CVE-2021-31796...