CVE-2026-45178

Published: Giu 11, 2026 Last Modified: Giu 11, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,4

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credentials could leverage these endpoints to potentially retrieve unauthorized secrets or cause a denial of service (DoS). CyberArk Security Bulletin: CA26-20

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0014

Percentile

0,3th

Updated

EPSS Score Trend (Last 3 Days)

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: Not Technology-Specific, ICS/OT, Web Based

View CWE Details

https://docs.cyberark.com/credential-providers/latest/en/co…

https://docs.cyberark.com/credential-providers/latest/en/content/landingpages/c…

https://docs.cyberark.com/secrets-manager-sh/13.9/en/conten…

https://docs.cyberark.com/secrets-manager-sh/13.9/en/content/enterprise/release…

CVE-2026-45178

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 3 Days)

Improper Access Control

Common Consequences

Applicable Platforms

Iscriviti alla newsletter