Privilege Escalation Vulnerability in Idira Privilege Cloud Connector by CyberArk
CVE-2026-45170
7.5HIGH
Key Information:
- Status
- Vendor
- CVE Published:
- 12 June 2026
Badges
👾 Exploit Exists
What is CVE-2026-45170?
The Idira Privilege Cloud Connector, specifically versions prior to 1.1.100504, is susceptible to a vulnerability where TLS certificate validation may not be strictly enforced under certain conditions and configurations. This could potentially allow unauthorized access to sensitive resources. Organizations using this product should review their configurations and ensure compliance with security best practices to mitigate the risk.
Affected Version(s)
Vendor PAM 1.1.0 < 1.1.100504
References
CVSS V4
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
