Multiple vulnerabilities in CyberArk Credential Provider
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2021-31796 CVE-2021-31797 CVE-2021-31798 |
| CWE-ID | CWE-326 CWE-362 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
Credential Provider Client/Desktop applications / Other client software |
| Vendor |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Inadequate Encryption Strength
EUVDB-ID: #VU56270
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31796
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the effective key space used to encrypt the passwords is significantly reduced. A remote attacker can gain access to sensitive information on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: before 12.1
External linkshttp://www.cyberark.com/resources/blog
http://korelogic.com/Resources/Advisories/KL-001-2021-008.txt
http://seclists.org/fulldisclosure/2021/Sep/1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Race condition
EUVDB-ID: #VU56271
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31797
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a race condition in the user identification mechanism. A remote attacker can exploit the race and disclose passwords.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: before 12.1
External linkshttp://www.cyberark.com/resources/blog
http://korelogic.com/Resources/Advisories/KL-001-2021-009.txt
http://seclists.org/fulldisclosure/2021/Sep/2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inadequate Encryption Strength
EUVDB-ID: #VU56272
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-31798
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the effective key space used to encrypt the cache has low entropy. A local user can obtain the plaintext of cache files.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCredential Provider: before 12.1
External linkshttp://www.cyberark.com/resources/blog
http://seclists.org/fulldisclosure/2021/Sep/3
http://korelogic.com/Resources/Advisories/KL-001-2021-010.txt
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
