Skip to main content

Conjur Cloud Edge Finding Only

1 CVEs product

Monthly

CVE-2026-45177 CRITICAL PATCH Act Now

Authentication bypass in Idira Secrets Manager SaaS Edge prior to version 1.8 allows remote unauthenticated attackers to obtain valid access tokens by submitting specially crafted requests that subvert internal validation logic. Reported by Palo Alto Networks researchers and tracked under CyberArk Security Bulletin CA26-20, the flaw carries a CVSS 4.0 score of 9.1 (Critical) due to high confidentiality and integrity impact on a product whose entire purpose is custody of enterprise secrets. There is no public exploit identified at time of analysis, but the secrets-management use case makes any token theft a high-leverage compromise.

Authentication Bypass Conjur Cloud Edge Finding Only
NVD VulDB
CVSS 4.0
9.1
EPSS
0.1%
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Authentication bypass in Idira Secrets Manager SaaS Edge prior to version 1.8 allows remote unauthenticated attackers to obtain valid access tokens by submitting specially crafted requests that subvert internal validation logic. Reported by Palo Alto Networks researchers and tracked under CyberArk Security Bulletin CA26-20, the flaw carries a CVSS 4.0 score of 9.1 (Critical) due to high confidentiality and integrity impact on a product whose entire purpose is custody of enterprise secrets. There is no public exploit identified at time of analysis, but the secrets-management use case makes any token theft a high-leverage compromise.

Authentication Bypass Conjur Cloud Edge Finding Only
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy