Unrated severityNVD Advisory· Published Mar 3, 2022· Updated Aug 3, 2024
CVE-2022-22700
CVE-2022-22700
Description
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists in the tenant.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- docs.cyberark.com/Product-Doc/OnlineHelp/Idaptive/Latest/en/Content/ReleaseNotes/ReleaseNotes-Latest.htmmitrex_refsource_MISC
- fluidattacks.com/advisories/porter/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.