Vulnerabilities > Cyberark > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-03 CVE-2017-11197 Unspecified vulnerability in Cyberark Viewfinity 5.5.10.95
In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.
local
low complexity
cyberark
7.8
2020-06-22 CVE-2020-4062 Unspecified vulnerability in Cyberark Conjur OSS Helm Chart
In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port.
low complexity
cyberark
7.7
2019-05-08 CVE-2019-7442 XXE vulnerability in Cyberark Enterprise Password Vault
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.
network
low complexity
cyberark CWE-611
7.5
2018-07-05 CVE-2018-13052 Unspecified vulnerability in Cyberark Endpoint Privilege Manager
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
network
low complexity
cyberark
7.5
2018-04-12 CVE-2018-9843 Deserialization of Untrusted Data vulnerability in Cyberark Password Vault 10.0
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
network
low complexity
cyberark CWE-502
7.5