SB2018041011 - Multiple vulnerabilities in CyberArk Password Vault Web Access
Published: April 10, 2018 Updated: April 13, 2018
Security Bulletin ID
SB2018041011
Severity
High
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Deserialization of untrusted data (CVE-ID: CVE-2018-9843)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.The weakness exists due to use of authentication tokens which consist of serialized .NET objects. A remote attacker can submit specially crafted tokens, trigger deserialization of untrusted data and execute arbitrary code with privileges of the web application.
Successful exploitation of the vulnerability may result in system compromise.
2) Information disclosure (CVE-ID: CVE-2018-9842)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper information control. A remote attacker can send a specially crafted Logon request to cause the target service to return a response containing 49 bytes of potentially sensitive information from system memory.
Remediation
Install update from vendor's website.