Cyberark - Credential Provider CVE

Filtered by vendor Cyberark Subscribe

Filtered by product Credential Provider

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-31797	1 Cyberark	1 Credential Provider	2023-08-08	1.9 LOW	5.1 MEDIUM
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.
CVE-2021-31798	1 Cyberark	1 Credential Provider	2022-07-12	1.9 LOW	4.4 MEDIUM
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files.

Vulnerabilities (CVE)