CVE-2024-54840 | CyberArk Access Manager Self-Hosted up to 14.3 PVWA Host injection

Inserito da Angelo Barbosa | Feb 3, 2025 | CVE

A vulnerability was found in CyberArk Access Manager Self-Hosted up to 14.3. It has been classified as problematic. Affected is an unknown function of the component PVWA. The manipulation of the argument Host leads to injection.

This vulnerability is traded as CVE-2024-54840. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-54840 | CyberArk Access Manager Self-Hosted up to 14.3 PVWA Host injection

Post correlati

CVE-2023-49438 | Flask-Security-Too up to 5.3.2 on Python URL /login next redirect

CVE-2024-4912 | Campcodes Online Examination System 1.0 addExamExe.php examTitle sql injection

CVE-2022-49259 | Linux Kernel up to 5.17.1 kobject_del Privilege Escalation

CVE-2023-7146 | gopeak MasterLab up to 3.3.10 HTTP POST Request Feature.php sqlInjectDelete phone sql injection