Filtered by vendor Cyberark
Subscriptions
Filtered by product Credential Provider
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-31798 | 1 Cyberark | 1 Credential Provider | 2024-11-21 | 4.4 Medium |
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files. | ||||
CVE-2021-31797 | 1 Cyberark | 1 Credential Provider | 2024-11-21 | 5.1 Medium |
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure. | ||||
CVE-2021-31796 | 1 Cyberark | 1 Credential Provider | 2024-11-21 | 7.5 High |
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36. |
Page 1 of 1.