VYPR
Vendor

Claroty

Products
3
CVEs
3
Across products
3
Status
Private

Products

3

Recent CVEs

3
  • CVE-2023-33371CriAug 3, 2023
    risk 0.64cvss 9.8epss 0.01

    Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to sign arbitrary session tokens and bypass authentication.

  • CVE-2025-54603MedOct 14, 2025
    risk 0.42cvss 6.5epss 0.01

    An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in unauthorized user creation or impersonation of existing OIDC users.

  • CVE-2021-32958MedMay 23, 2022
    risk 0.36cvss 5.5epss 0.00

    Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user…