Critical severity9.8NVD Advisory· Published May 8, 2019· Updated Jun 17, 2026
CVE-2019-7442
CVE-2019-7442
Description
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CyberArk/Password Vault Web Accessdescription
- Range: <=10.7
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.