GHSA-6x94-6f82-g4jwCriticalCVSS 9.1
Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its...
🔗 CVE IDs covered (1)
📋 Description
Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submitting a specially crafted request. Under specific circumstances, this could allow the attacker to manipulate internal validation mechanisms, potentially leading to a bypass of identity verification and the unauthorized acquisition of an access token. CyberArk Security Bulletin: CA26-20