MEDIUM🇵🇱 Wersja polska

CVE-2024-5866

CVSS 5.0v3.1pub. 2024-07-02upd. 2024-11-21

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing listing of arbitrary directory outside the root directory of the web application. Versions 23.1-HF7 and on have the patch.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
  • Delinea Privileged Access Service

    APP
    Delinea
    ≤ 22.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2024-5865HIGH7.7ten sam produkt

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traver...

CVE-2023-4589CRITICAL9.1ten sam vendor

Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 ver...

CVE-2024-33891HIGH8.8ten sam vendor

Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretS...

CVE-2024-25652HIGH7.6ten sam vendor

In Delinea PAM Secret Server 11.4, it is possible for a user assigned "Administer Reports" permission and/or w...

CVE-2025-12810MEDIUM5.3ten sam vendor

Improper Authentication vulnerability in Delinea Inc. Secret Server On-Prem (RPC Password Rotation modules).Th...