Critical severity9.8NVD Advisory· Published Apr 12, 2018· Updated Jun 17, 2026
CVE-2018-9843
CVE-2018-9843
Description
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <9.9.5, >=10.0 <10.1
Patches
Vulnerability mechanics
References
5- seclists.org/fulldisclosure/2018/Apr/18nvdExploitMailing ListThird Party Advisory
- www.securityfocus.com/archive/1/541932/100/0/threadednvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/44429/nvdExploitThird Party AdvisoryVDB Entry
- www.redteam-pentesting.de/en/advisories/rt-sa-2017-014/-cyberark-password-vault-web-access-remote-code-executionnvdExploitThird Party Advisory
- www.securitytracker.com/id/1040675nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.