Vulnerabilities > Cyberark > Identity > 21.1.109

DATE CVE VULNERABILITY TITLE RISK
2022-03-03 CVE-2022-22700 Use of Insufficiently Random Values vulnerability in Cyberark Identity
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'.
network
low complexity
cyberark CWE-330
5.0
5.0
2021-09-01 CVE-2021-37151 Information Exposure Through Discrepancy vulnerability in Cyberark Identity
CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid.
network
low complexity
cyberark CWE-203
5.3
5.3