CVE-2019-7442 is a vulnerability in CyberArk Enterprise Password Vault
Published on May 8, 2019
An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system.
Products Associated with CVE-2019-7442
Want to know whenever a new CVE is published for CyberArk Enterprise Password Vault? stack.watch will email you.
Exploit Probability
EPSS
16.79%
Percentile
94.88%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.