Input Validation Flaw in CyberArk Idira Privileged Session Manager for SSH
CVE-2026-45172

8.7HIGH

What is CVE-2026-45172?

A vulnerability exists due to insufficient input validation in CyberArk's Idira Privileged Session Manager for SSH, affecting certain versions. This flaw may allow authenticated, low-privileged users to execute arbitrary commands on the PSMP host, posing a significant risk to the integrity of the system.

Affected Version(s)

PAM Self-Hosted, Privilege Cloud 14.0 < 14.0.6

PAM Self-Hosted, Privilege Cloud 14.2 < 14.2.5

PAM Self-Hosted, Privilege Cloud 14.6 < 14.6.3

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
.