[FD] [RT-SA-2017-015] CyberArk Password Vault Memory Disclosure

2018-04-09 RedTeam Pentesting GmbH
Advisory: CyberArk Password Vault Memory Disclosure Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering a client's logon request, the vault discloses around 50 bytes of its memory to the client. Details === Product: CyberArk

[FD] [RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution

2018-04-09 RedTeam Pentesting GmbH
Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web