VYPR

Privilege Manager

by Quest

CVEs (4)

  • CVE-2017-6553CriApr 29, 2017
    risk 0.70cvss 9.8epss 0.42

    Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon.

  • CVE-2017-6554HigApr 14, 2017
    risk 0.51cvss 7.2epss 0.16

    pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.

  • CVE-2024-39708HigJun 28, 2024
    risk 0.46cvss 7.0epss 0.00

    An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes, a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege…

  • CVE-2024-52926MedNov 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent.