Vulnerabilities > Cyberark > Identity > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-25 CVE-2024-42340 Unspecified vulnerability in Cyberark Identity
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security
network
low complexity
cyberark
4.3
2024-08-25 CVE-2024-42337 Information Exposure vulnerability in Cyberark Identity
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
cyberark CWE-200
6.5
2024-08-25 CVE-2024-42338 Information Exposure vulnerability in Cyberark Identity
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
cyberark CWE-200
4.3
2024-08-25 CVE-2024-42339 Unspecified vulnerability in Cyberark Identity
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
network
low complexity
cyberark
4.3
2022-03-03 CVE-2022-22700 Use of Insufficiently Random Values vulnerability in Cyberark Identity
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'.
network
low complexity
cyberark CWE-330
5.0
2021-09-01 CVE-2021-37151 Information Exposure Through Discrepancy vulnerability in Cyberark Identity
CyberArk Identity 21.5.131, when handling an invalid authentication attempt, sometimes reveals whether the username is valid.
network
low complexity
cyberark CWE-203
5.3