Vulnerability CVE-2018-14894


Published: 2019-04-09

Description:
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
CyberArk EPM 10.2.1.603 Security Restrictions Bypass
Alpcan Onaran
14.04.2019

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Cyberark
Product: Endpoint privilege manager 
Version: 10.2.1.603;

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://packetstormsecurity.com/files/152489/CyberArk-EPM-10.2.1.603-Security-Restrictions-Bypass.html
https://mustafakemalcan.com/cyberark-epm-file-block-bypass-cve-2018-14894/
https://www.exploit-db.com/exploits/46688/
https://www.youtube.com/watch?v=B0VpK0poTco

Related CVE
CVE-2019-7442
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authent...
CVE-2019-9627
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image, such as a...
CVE-2018-13052
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
CVE-2018-12903
In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog T...

Copyright 2019, cxsecurity.com

 

Back to Top