Critical severity9.1NVD Advisory· Published Sep 6, 2023· Updated Jun 17, 2026
CVE-2023-4589
CVE-2023-4589
Description
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=10.9.000002+ 1 more
- (no CPE)range: =10.9.000002
- (no CPE)range: v10.9.000002
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-servernvdThird Party Advisory
News mentions
0No linked articles in our index yet.