Local Cache Decryption Flaw in CyberArk Credential Provider
CVE-2021-31798

4.4MEDIUM

Key Information:

Vendor

Cyberark

Status
Credential Provider
Vendor
CVE Published:
2 September 2021

What is CVE-2021-31798?

The CyberArk Credential Provider, prior to version 12.1, possesses a vulnerability linked to the effective key space used for cache file encryption. This weakness arises due to low entropy in the encryption keys, allowing a local malicious user to potentially gain access to the plaintext of sensitive cache files under specific conditions, posing a significant security risk.

References

https://www.cyberark.com/resources/blog
x_refsource_MISC
http://seclists.org/fulldisclosure/2021/Sep/3
x_refsource_MISC
https://korelogic.com/Resources/Advisories/KL-001-2021-01...
x_refsource_MISC

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2021-31798 : Local Cache Decryption Flaw in CyberArk Credential Provider