CVE-2020-25374
First published: Wed Oct 28 2020(Updated: )
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CyberArk Privileged Session Manager | =10.9.0.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-25374.
What is the severity of CVE-2020-25374?
The severity of CVE-2020-25374 is rated as low with a severity value of 2.6.
What is the impacted software for CVE-2020-25374?
The impacted software for CVE-2020-25374 is CyberArk Privileged Session Manager (PSM) version 10.9.0.15.
How can attackers exploit CVE-2020-25374?
Attackers can exploit CVE-2020-25374 by reading an error popup message after two hours of idle time, allowing them to discover internal pathnames.
Are there any references available for CVE-2020-25374?
Yes, references for CVE-2020-25374 can be found at the following links: [Reference 1](https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20SysReq/System%20Requirements%20-%20PSM.htm) and [Reference 2](https://medium.com/@virajmota38/full-path-disclosure-8a9358e5a867).
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cyberark
- canonical/cyberark privileged session manager
- version/cyberark privileged session manager/10.9.0.15