CVE-2025-22271: IP Spoofing in CyberArk Endpoint Privilege Manager
First published: Fri Feb 28 2025(Updated: )
The application or its infrastructure allows for IP address spoofing by providing its own value in the "X-Forwarded-For" header. Thus, the action logging mechanism in the application loses accountability This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.
Credit: cvd@cert.pl
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CyberArk Endpoint Privilege Manager |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-22271?
CVE-2025-22271 is considered a critical vulnerability due to its potential to allow IP address spoofing.
How do I fix CVE-2025-22271?
To mitigate CVE-2025-22271, ensure that the application does not trust the 'X-Forwarded-For' header or implement validation mechanisms.
What products are affected by CVE-2025-22271?
CVE-2025-22271 affects the CyberArk Endpoint Privilege Manager version 24.7.1.
What are the implications of CVE-2025-22271?
The implications of CVE-2025-22271 include loss of accountability in action logging, which can compromise security monitoring.
Is there a patch available for CVE-2025-22271?
As of now, CyberArk has not publicly released a patch specifically for CVE-2025-22271.
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/references
- agent/last-modified-date
- agent/title
- agent/author
- agent/source
- agent/weakness
- agent/severity
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/cyberark
- canonical/cyberark endpoint privilege manager