Vulnerabilities > Cyberark > Credential Provider
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-02 | CVE-2021-31796 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cyberark Credential Provider An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. | 7.5 |
2021-09-02 | CVE-2021-31798 | Insufficient Entropy vulnerability in Cyberark Credential Provider The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. | 4.4 |
2021-09-02 | CVE-2021-31797 | Insufficient Entropy vulnerability in Cyberark Credential Provider The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | 5.1 |