Security Advisory

CVE-2019-7442

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-08 20:54:48

Last updated 2024-08-04 20:46:46

Assigner mitre

State PUBLISHED

Description

An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.

← Browse all CVEs View on cve.org ↗