Vulnerabilities > Cyberark > Credential Provider > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-02 | CVE-2021-31796 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cyberark Credential Provider An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. | 5.0 |
| 2021-09-02 | CVE-2021-31797 | Insufficient Entropy vulnerability in Cyberark Credential Provider The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | 5.1 |