Vulnerabilities > Cyberark

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-26	CVE-2018-12903	Cross-site Scripting vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603 In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard. network low complexity cyberark CWE-79	5.4
2018-04-12	CVE-2018-9843	Deserialization of Untrusted Data vulnerability in Cyberark Password Vault 10.0 The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header. network low complexity cyberark CWE-502 critical	9.8
2018-04-12	CVE-2018-9842	Information Exposure vulnerability in Cyberark Password Vault CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message. network low complexity cyberark CWE-200	5.3

Vulnerabilities > Cyberark {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cyberark"}]}