CyberArk Credential Provider
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in CyberArk Credential Provider.
By the Year
In 2026 there have been 0 vulnerabilities in CyberArk Credential Provider. Credential Provider did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 3 | 5.67 |
It may take a day or so for new Credential Provider vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent CyberArk Credential Provider Security Vulnerabilities
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user
CVE-2021-31798
4.4 - Medium
- September 02, 2021
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1 has low entropy, and under certain conditions a local malicious user can obtain the plaintext of cache files.
Insufficient Entropy
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure
CVE-2021-31796
7.5 - High
- September 02, 2021
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36.
Use of a Broken or Risky Cryptographic Algorithm
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition
CVE-2021-31797
5.1 - Medium
- September 02, 2021
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is susceptible to a local host race condition, leading to password disclosure.
Race Condition
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for CyberArk Credential Provider or by CyberArk? Click the Watch button to subscribe.
