Vulnerabilities > Cyberark > Password Vault

DATE CVE VULNERABILITY TITLE RISK
2018-04-12 CVE-2018-9843 Deserialization of Untrusted Data vulnerability in Cyberark Password Vault 10.0
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
network
low complexity
cyberark CWE-502
critical
9.8
2018-04-12 CVE-2018-9842 Information Exposure vulnerability in Cyberark Password Vault
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.
network
low complexity
cyberark CWE-200
5.3