CVE-2026-45177

Published: Giu 11, 2026 Last Modified: Giu 11, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,1

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submitting a specially crafted request. Under specific circumstances, this could allow the attacker to manipulate internal validation mechanisms, potentially leading to a bypass of identity verification and the unauthorized acquisition of an access token. CyberArk Security Bulletin: CA26-20

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0009

Percentile

0,3th

Updated

EPSS Score Trend (Last 4 Days)

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: Not Technology-Specific, ICS/OT, Web Based

View CWE Details

https://docs.cyberark.com/secrets-manager-saas/latest/en/co…

https://docs.cyberark.com/secrets-manager-saas/latest/en/content/conjurcloud/wh…

CVE-2026-45177

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 4 Days)

Improper Access Control

Common Consequences

Applicable Platforms

Iscriviti alla newsletter