GHSA-6x94-6f82-g4jwCriticalCVSS 9.1

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its...

Published
June 11, 2026
Last Modified
June 22, 2026

🔗 CVE IDs covered (1)

📋 Description

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submitting a specially crafted request. Under specific circumstances, this could allow the attacker to manipulate internal validation mechanisms, potentially leading to a bypass of identity verification and the unauthorized acquisition of an access token. CyberArk Security Bulletin: CA26-20

🔗 References (3)