Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations
Vulnerability Description
Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attackers to inject resources into the database and to bypass permission checks. This issue affects Secrets Manager, Self-Hosted (formerly Conjur Enterprise) prior to versions 13.5.1 and 13.6.1 and Conjur OSS prior to version 1.22.1. Conjur OSS version 1.22.1 and Secrets Manager, Self-Hosted versions 13.5.1 and 13.6.1 fix the issue.
CVSS Information
N/A
Vulnerability Type
授权机制缺失
Vulnerability Title
CyberArk Conjur 安全漏洞
Vulnerability Description
CyberArk Conjur是CyberArk开源的一个密钥管理软件。 CyberArk Conjur存在安全漏洞,该漏洞源于验证缺失,可能导致权限绕过。
CVSS Information
N/A
Vulnerability Type
N/A