Multiple vulnerabilities in CyberArk Credential Provider
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2021-31796 CVE-2021-31797 CVE-2021-31798 |
| CWE-ID | CWE-326 CWE-362 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Credential Provider Client/Desktop applications / Other client software |
| Vendor | CyberArk |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Inadequate Encryption Strength
EUVDB-ID: #VU56270
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2021-31796
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the effective key space used to encrypt the passwords is significantly reduced. A remote attacker can gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: All versions
CPE2.3 External linkshttps://www.cyberark.com/resources/blog
https://korelogic.com/Resources/Advisories/KL-001-2021-008.txt
https://seclists.org/fulldisclosure/2021/Sep/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU56271
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-31797
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a race condition in the user identification mechanism. A remote attacker can exploit the race and disclose passwords.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: All versions
CPE2.3 External linkshttps://www.cyberark.com/resources/blog
https://korelogic.com/Resources/Advisories/KL-001-2021-009.txt
https://seclists.org/fulldisclosure/2021/Sep/2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inadequate Encryption Strength
EUVDB-ID: #VU56272
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-31798
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the effective key space used to encrypt the cache has low entropy. A local user can obtain the plaintext of cache files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: All versions
CPE2.3 External linkshttps://www.cyberark.com/resources/blog
https://seclists.org/fulldisclosure/2021/Sep/3
https://korelogic.com/Resources/Advisories/KL-001-2021-010.txt
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
