Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
使用不可信的源
Vulnerability Title
CyberArk Privileged Access Manager Self-Hosted 安全漏洞
Vulnerability Description
CyberArk Privileged Access Manager Self-Hosted是以色列CyberArk公司的一个特权访问自托管管理器。 CyberArk Privileged Access Manager Self-Hosted 14.4之前版本存在安全漏洞,该漏洞源于密码库 Web 访问无法正确解决,可能导致主机标头注入的环境问题。
CVSS Information
N/A
Vulnerability Type
N/A