Vulnerabilities > CVE-2020-25374 - Insufficient Session Expiration vulnerability in Cyberark Privileged Session Manager 10.9.0.15

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
high complexity
cyberark
CWE-613

Summary

CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.

Vulnerable Configurations

Part Description Count
Application
Cyberark
1

Common Weakness Enumeration (CWE)