Search
Find a vulnerability
Search criteria
8 vulnerabilities found for Core Privileged Access Manager (BoKS) by Fortra
CVE-2026-9863 (GCVE-0-2026-9863)
Vulnerability from nvd – Published: 2026-06-15 15:17 – Updated: 2026-06-15 16:08
VLAI
Title
Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability
Summary
Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.fortra.com/security/advisories/produc… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22
(custom)
Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:08:50.051689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:08:58.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"boks_upgrade_upgrade",
"boks_upgrade_patch"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "boks-server 8.1.0.22",
"status": "affected",
"version": "boks-server 8.1.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "boks-server 9.0.0.4",
"status": "affected",
"version": "boks-server 9.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fortra internal security assessment"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.\u003c/p\u003e"
}
],
"value": "Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T15:18:31.697Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2026-008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
}
],
"value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
}
],
"source": {
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2026-06-01T00:00:00.000Z",
"value": "Issue validated and fixes prepared for BOKS-900 and BOKS81-hotfix branches."
}
],
"title": "Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUntil fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party.\u003c/p\u003e"
}
],
"value": "Until fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2026-9863",
"datePublished": "2026-06-15T15:17:19.607Z",
"dateReserved": "2026-05-28T16:37:53.223Z",
"dateUpdated": "2026-06-15T16:08:58.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9862 (GCVE-0-2026-9862)
Vulnerability from nvd – Published: 2026-06-15 15:10 – Updated: 2026-06-15 16:09
VLAI
Title
Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability
Summary
Fortra's
Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.fortra.com/security/advisories/produc… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22
(custom)
Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:09:18.347930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:09:28.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"boks_autoregisterd"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "boks-server 8.1.0.22",
"status": "affected",
"version": "boks-server 8.1.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "boks-server 9.0.0.4",
"status": "affected",
"version": "boks-server 9.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fortra internal security assessment"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFortra\u0027s\u0026nbsp;\nCore Privileged Access Manager (BoKS)\u0026nbsp;contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.\u003c/p\u003e"
}
],
"value": "Fortra\u0027s\u00a0\nCore Privileged Access Manager (BoKS)\u00a0contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T15:18:11.644Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2026-007"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
}
],
"value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRestrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\u003c/p\u003e\u003cp\u003e\u003cspan\u003e$BOKS_var/internal/boksinit/master\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eand comment out the line\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eby prefixing it with\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`#`;\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ethen make boks_init reread the file, for example by running\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Restrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u00a0\n\n\n\nAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\n\n\n\n$BOKS_var/internal/boksinit/master\u00a0\n\n\n\nand comment out the line\u00a0\n\n\n\n`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u00a0\n\n\n\nby prefixing it with\u00a0\n\n\n\n`#`;\u00a0\n\n\n\nthen make boks_init reread the file, for example by running\u00a0\n\n\n\n`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u00a0\n\n\n\nor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2026-9862",
"datePublished": "2026-06-15T15:10:08.708Z",
"dateReserved": "2026-05-28T16:37:50.792Z",
"dateUpdated": "2026-06-15T16:09:28.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13532 (GCVE-0-2025-13532)
Vulnerability from nvd – Published: 2025-12-16 20:01 – Updated: 2025-12-16 20:23
VLAI
Title
Weak Password Hash in Core Privileged Access Manager (BoKS)
Summary
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.
Severity
6.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24.
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13532",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T20:18:38.616690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T20:23:51.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"status": "affected",
"version": "This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24."
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003effects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.\u003c/span\u003e"
}
],
"value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u00a0This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T20:01:02.743Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2025-014"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to BoKS Server Agent 9.0.0.4.\n\n\u003cbr\u003e"
}
],
"value": "Upgrade to BoKS Server Agent 9.0.0.4."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Weak Password Hash in Core Privileged Access Manager (BoKS)",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Configure the OS to use SHA512 rather than yescrypt.\n\n\u003cbr\u003e"
}
],
"value": "Configure the OS to use SHA512 rather than yescrypt."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2025-13532",
"datePublished": "2025-12-16T20:01:02.743Z",
"dateReserved": "2025-11-21T21:04:44.245Z",
"dateUpdated": "2025-12-16T20:23:51.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5141 (GCVE-0-2025-5141)
Vulnerability from nvd – Published: 2025-06-17 19:30 – Updated: 2025-08-29 20:11
VLAI
Title
Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache
Summary
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-524 - Use of Cache Containing Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
0 , ≤ 7.2.0.17
(custom)
Affected: 0 , ≤ 8.1.0.22 (custom) Affected: 0 , ≤ 8.1.1.7 (custom) Affected: 0 , ≤ 9.0.0.1 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T19:50:23.706281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:50:34.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"AIX",
"Solaris"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "7.2.0.17",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1.1.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maciej Grabiec, ING Hubs Poland"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
}
],
"value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:11:13.423Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2025-008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the latest patched version or hotfix"
}
],
"value": "Upgrade to the latest patched version or hotfix"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2025-5141",
"datePublished": "2025-06-17T19:30:51.781Z",
"dateReserved": "2025-05-23T21:18:11.239Z",
"dateUpdated": "2025-08-29T20:11:13.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-9863 (GCVE-0-2026-9863)
Vulnerability from cvelistv5 – Published: 2026-06-15 15:17 – Updated: 2026-06-15 16:08
VLAI
Title
Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability
Summary
Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.fortra.com/security/advisories/produc… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22
(custom)
Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:08:50.051689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:08:58.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"boks_upgrade_upgrade",
"boks_upgrade_patch"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "boks-server 8.1.0.22",
"status": "affected",
"version": "boks-server 8.1.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "boks-server 9.0.0.4",
"status": "affected",
"version": "boks-server 9.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fortra internal security assessment"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.\u003c/p\u003e"
}
],
"value": "Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T15:18:31.697Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2026-008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
}
],
"value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
}
],
"source": {
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2026-06-01T00:00:00.000Z",
"value": "Issue validated and fixes prepared for BOKS-900 and BOKS81-hotfix branches."
}
],
"title": "Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUntil fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party.\u003c/p\u003e"
}
],
"value": "Until fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2026-9863",
"datePublished": "2026-06-15T15:17:19.607Z",
"dateReserved": "2026-05-28T16:37:53.223Z",
"dateUpdated": "2026-06-15T16:08:58.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9862 (GCVE-0-2026-9862)
Vulnerability from cvelistv5 – Published: 2026-06-15 15:10 – Updated: 2026-06-15 16:09
VLAI
Title
Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability
Summary
Fortra's
Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.fortra.com/security/advisories/produc… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22
(custom)
Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T16:09:18.347930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:09:28.297Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"boks_autoregisterd"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "boks-server 8.1.0.22",
"status": "affected",
"version": "boks-server 8.1.0.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "boks-server 9.0.0.4",
"status": "affected",
"version": "boks-server 9.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fortra internal security assessment"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFortra\u0027s\u0026nbsp;\nCore Privileged Access Manager (BoKS)\u0026nbsp;contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.\u003c/p\u003e"
}
],
"value": "Fortra\u0027s\u00a0\nCore Privileged Access Manager (BoKS)\u00a0contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T15:18:11.644Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2026-007"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
}
],
"value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRestrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\u003c/p\u003e\u003cp\u003e\u003cspan\u003e$BOKS_var/internal/boksinit/master\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eand comment out the line\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eby prefixing it with\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`#`;\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ethen make boks_init reread the file, for example by running\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Restrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u00a0\n\n\n\nAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\n\n\n\n$BOKS_var/internal/boksinit/master\u00a0\n\n\n\nand comment out the line\u00a0\n\n\n\n`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u00a0\n\n\n\nby prefixing it with\u00a0\n\n\n\n`#`;\u00a0\n\n\n\nthen make boks_init reread the file, for example by running\u00a0\n\n\n\n`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u00a0\n\n\n\nor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2026-9862",
"datePublished": "2026-06-15T15:10:08.708Z",
"dateReserved": "2026-05-28T16:37:50.792Z",
"dateUpdated": "2026-06-15T16:09:28.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-13532 (GCVE-0-2025-13532)
Vulnerability from cvelistv5 – Published: 2025-12-16 20:01 – Updated: 2025-12-16 20:23
VLAI
Title
Weak Password Hash in Core Privileged Access Manager (BoKS)
Summary
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.
Severity
6.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-916 - Use of Password Hash With Insufficient Computational Effort
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24.
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13532",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-16T20:18:38.616690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T20:23:51.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"status": "affected",
"version": "This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24."
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003effects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.\u003c/span\u003e"
}
],
"value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u00a0This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-16T20:01:02.743Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2025-014"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to BoKS Server Agent 9.0.0.4.\n\n\u003cbr\u003e"
}
],
"value": "Upgrade to BoKS Server Agent 9.0.0.4."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Weak Password Hash in Core Privileged Access Manager (BoKS)",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Configure the OS to use SHA512 rather than yescrypt.\n\n\u003cbr\u003e"
}
],
"value": "Configure the OS to use SHA512 rather than yescrypt."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2025-13532",
"datePublished": "2025-12-16T20:01:02.743Z",
"dateReserved": "2025-11-21T21:04:44.245Z",
"dateUpdated": "2025-12-16T20:23:51.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5141 (GCVE-0-2025-5141)
Vulnerability from cvelistv5 – Published: 2025-06-17 19:30 – Updated: 2025-08-29 20:11
VLAI
Title
Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache
Summary
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-524 - Use of Cache Containing Sensitive Information
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortra | Core Privileged Access Manager (BoKS) |
Affected:
0 , ≤ 7.2.0.17
(custom)
Affected: 0 , ≤ 8.1.0.22 (custom) Affected: 0 , ≤ 8.1.1.7 (custom) Affected: 0 , ≤ 9.0.0.1 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T19:50:23.706281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:50:34.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux",
"AIX",
"Solaris"
],
"product": "Core Privileged Access Manager (BoKS)",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "7.2.0.17",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1.0.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.1.1.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maciej Grabiec, ING Hubs Poland"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
}
],
"value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
}
],
"impacts": [
{
"capecId": "CAPEC-204",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524: Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:11:13.423Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2025-008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to the latest patched version or hotfix"
}
],
"value": "Upgrade to the latest patched version or hotfix"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2025-5141",
"datePublished": "2025-06-17T19:30:51.781Z",
"dateReserved": "2025-05-23T21:18:11.239Z",
"dateUpdated": "2025-08-29T20:11:13.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}