Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Core Privileged Access Manager (BoKS) by Fortra

    CVE-2026-9863 (GCVE-0-2026-9863)

    Vulnerability from nvd – Published: 2026-06-15 15:17 – Updated: 2026-06-15 16:08
    VLAI
    Title
    Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability
    Summary
    Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22 (custom)
    Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom)
    Create a notification for this product.
    Credits
    Fortra internal security assessment
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9863",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:08:50.051689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T16:08:58.885Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "boks_upgrade_upgrade",
                "boks_upgrade_patch"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "boks-server 8.1.0.22",
                  "status": "affected",
                  "version": "boks-server 8.1.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "boks-server 9.0.0.4",
                  "status": "affected",
                  "version": "boks-server 9.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Fortra internal security assessment"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eFortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.\u003c/p\u003e"
                }
              ],
              "value": "Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T15:18:31.697Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2026-008"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-01T00:00:00.000Z",
              "value": "Issue validated and fixes prepared for BOKS-900 and BOKS81-hotfix branches."
            }
          ],
          "title": "Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUntil fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party.\u003c/p\u003e"
                }
              ],
              "value": "Until fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2026-9863",
        "datePublished": "2026-06-15T15:17:19.607Z",
        "dateReserved": "2026-05-28T16:37:53.223Z",
        "dateUpdated": "2026-06-15T16:08:58.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9862 (GCVE-0-2026-9862)

    Vulnerability from nvd – Published: 2026-06-15 15:10 – Updated: 2026-06-15 16:09
    VLAI
    Title
    Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability
    Summary
    Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22 (custom)
    Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom)
    Create a notification for this product.
    Credits
    Fortra internal security assessment
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9862",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:09:18.347930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T16:09:28.297Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "boks_autoregisterd"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "boks-server 8.1.0.22",
                  "status": "affected",
                  "version": "boks-server 8.1.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "boks-server 9.0.0.4",
                  "status": "affected",
                  "version": "boks-server 9.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Fortra internal security assessment"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eFortra\u0027s\u0026nbsp;\nCore Privileged Access Manager (BoKS)\u0026nbsp;contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.\u003c/p\u003e"
                }
              ],
              "value": "Fortra\u0027s\u00a0\nCore Privileged Access Manager (BoKS)\u00a0contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T15:18:11.644Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2026-007"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRestrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\u003c/p\u003e\u003cp\u003e\u003cspan\u003e$BOKS_var/internal/boksinit/master\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eand comment out the line\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eby prefixing it with\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`#`;\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ethen make boks_init reread the file, for example by running\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "Restrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u00a0\n\n\n\nAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\n\n\n\n$BOKS_var/internal/boksinit/master\u00a0\n\n\n\nand comment out the line\u00a0\n\n\n\n`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u00a0\n\n\n\nby prefixing it with\u00a0\n\n\n\n`#`;\u00a0\n\n\n\nthen make boks_init reread the file, for example by running\u00a0\n\n\n\n`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u00a0\n\n\n\nor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2026-9862",
        "datePublished": "2026-06-15T15:10:08.708Z",
        "dateReserved": "2026-05-28T16:37:50.792Z",
        "dateUpdated": "2026-06-15T16:09:28.297Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13532 (GCVE-0-2025-13532)

    Vulnerability from nvd – Published: 2025-12-16 20:01 – Updated: 2025-12-16 20:23
    VLAI
    Title
    Weak Password Hash in Core Privileged Access Manager (BoKS)
    Summary
    Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms.  This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13532",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-16T20:18:38.616690Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-16T20:23:51.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "status": "affected",
                  "version": "This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003effects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.\u003c/span\u003e"
                }
              ],
              "value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u00a0This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-112",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-112 Brute Force"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-16T20:01:02.743Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2025-014"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to BoKS Server Agent 9.0.0.4.\n\n\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to BoKS Server Agent 9.0.0.4."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Weak Password Hash in Core Privileged Access Manager (BoKS)",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Configure the OS to use SHA512 rather than yescrypt.\n\n\u003cbr\u003e"
                }
              ],
              "value": "Configure the OS to use SHA512 rather than yescrypt."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2025-13532",
        "datePublished": "2025-12-16T20:01:02.743Z",
        "dateReserved": "2025-11-21T21:04:44.245Z",
        "dateUpdated": "2025-12-16T20:23:51.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5141 (GCVE-0-2025-5141)

    Vulnerability from nvd – Published: 2025-06-17 19:30 – Updated: 2025-08-29 20:11
    VLAI
    Title
    Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache
    Summary
    A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-524 - Use of Cache Containing Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: 0 , ≤ 7.2.0.17 (custom)
    Affected: 0 , ≤ 8.1.0.22 (custom)
    Affected: 0 , ≤ 8.1.1.7 (custom)
    Affected: 0 , ≤ 9.0.0.1 (custom)
    Create a notification for this product.
    Credits
    Maciej Grabiec, ING Hubs Poland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T19:50:23.706281Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T19:50:34.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux",
                "AIX",
                "Solaris"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.0.17",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.0.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Maciej Grabiec, ING Hubs Poland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
                }
              ],
              "value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-204",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-524",
                  "description": "CWE-524: Use of Cache Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T20:11:13.423Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2025-008"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest patched version or hotfix"
                }
              ],
              "value": "Upgrade to the latest patched version or hotfix"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2025-5141",
        "datePublished": "2025-06-17T19:30:51.781Z",
        "dateReserved": "2025-05-23T21:18:11.239Z",
        "dateUpdated": "2025-08-29T20:11:13.423Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-9863 (GCVE-0-2026-9863)

    Vulnerability from cvelistv5 – Published: 2026-06-15 15:17 – Updated: 2026-06-15 16:08
    VLAI
    Title
    Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability
    Summary
    Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22 (custom)
    Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom)
    Create a notification for this product.
    Credits
    Fortra internal security assessment
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9863",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:08:50.051689Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T16:08:58.885Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "boks_upgrade_upgrade",
                "boks_upgrade_patch"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "boks-server 8.1.0.22",
                  "status": "affected",
                  "version": "boks-server 8.1.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "boks-server 9.0.0.4",
                  "status": "affected",
                  "version": "boks-server 9.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Fortra internal security assessment"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eFortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling.\u003c/p\u003e"
                }
              ],
              "value": "Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T15:18:31.697Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2026-008"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-01T00:00:00.000Z",
              "value": "Issue validated and fixes prepared for BOKS-900 and BOKS81-hotfix branches."
            }
          ],
          "title": "Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUntil fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party.\u003c/p\u003e"
                }
              ],
              "value": "Until fixed builds are deployed, only run BoKS client upgrade or patch operations for legacy tar-based client installations against trusted clients. Avoid running boks_upgrade upgrade or patch operations for legacy tar-installed clients that may be compromised or controlled by an untrusted party."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2026-9863",
        "datePublished": "2026-06-15T15:17:19.607Z",
        "dateReserved": "2026-05-28T16:37:53.223Z",
        "dateUpdated": "2026-06-15T16:08:58.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9862 (GCVE-0-2026-9862)

    Vulnerability from cvelistv5 – Published: 2026-06-15 15:10 – Updated: 2026-06-15 16:09
    VLAI
    Title
    Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability
    Summary
    Fortra's  Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: boks-server 8.1.0.0 , ≤ boks-server 8.1.0.22 (custom)
    Affected: boks-server 9.0.0.0 , ≤ boks-server 9.0.0.4 (custom)
    Create a notification for this product.
    Credits
    Fortra internal security assessment
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9862",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:09:18.347930Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T16:09:28.297Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "boks_autoregisterd"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "boks-server 8.1.0.22",
                  "status": "affected",
                  "version": "boks-server 8.1.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "boks-server 9.0.0.4",
                  "status": "affected",
                  "version": "boks-server 9.0.0.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Fortra internal security assessment"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eFortra\u0027s\u0026nbsp;\nCore Privileged Access Manager (BoKS)\u0026nbsp;contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.\u003c/p\u003e"
                }
              ],
              "value": "Fortra\u0027s\u00a0\nCore Privileged Access Manager (BoKS)\u00a0contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T15:18:11.644Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2026-007"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpgrade to boks-server 8.1.0.23 or 9.0.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Upgrade to boks-server 8.1.0.23 or 9.0.0.5."
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "title": "Core Privileged Access Manager (BoKS) autoregistration service command injection vulnerability",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRestrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u0026nbsp;\u003c/p\u003e\u003cp\u003eAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\u003c/p\u003e\u003cp\u003e\u003cspan\u003e$BOKS_var/internal/boksinit/master\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eand comment out the line\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eby prefixing it with\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`#`;\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003ethen make boks_init reread the file, for example by running\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003e`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored.\u003c/span\u003e\u003c/p\u003e"
                }
              ],
              "value": "Restrict network access to boks_autoregisterd, which listens on port 6507 by default, until fixed builds are deployed.\u00a0\n\n\n\nAnother workaround for both boks-server 8.1 and 9.0 is to disable the service in the boksinit configuration. On the BoKS Master, edit\n\n\n\n$BOKS_var/internal/boksinit/master\u00a0\n\n\n\nand comment out the line\u00a0\n\n\n\n`autoregisterd:300:1:0:respawn::$BOKS_lib/boks_autoregisterd -xn`\u00a0\n\n\n\nby prefixing it with\u00a0\n\n\n\n`#`;\u00a0\n\n\n\nthen make boks_init reread the file, for example by running\u00a0\n\n\n\n`kill -HUP $(cat $BOKS_var/run/boks_init)`,\u00a0\n\n\n\nor restart BoKS. This stops boks_autoregisterd and prevents it from being respawned; autoregistration is unavailable until the row is restored."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2026-9862",
        "datePublished": "2026-06-15T15:10:08.708Z",
        "dateReserved": "2026-05-28T16:37:50.792Z",
        "dateUpdated": "2026-06-15T16:09:28.297Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-13532 (GCVE-0-2025-13532)

    Vulnerability from cvelistv5 – Published: 2025-12-16 20:01 – Updated: 2025-12-16 20:23
    VLAI
    Title
    Weak Password Hash in Core Privileged Access Manager (BoKS)
    Summary
    Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms.  This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-916 - Use of Password Hash With Insufficient Computational Effort
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24.
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13532",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-16T20:18:38.616690Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-16T20:23:51.768Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "status": "affected",
                  "version": "This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain. The affected platforms are: Debian 11, 12, 13, RedHat 9, 10 and Ubuntu 24."
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003effects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.\u003c/span\u003e"
                }
              ],
              "value": "Insecure defaults in the Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms. \u00a0This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-112",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-112 Brute Force"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-916",
                  "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-16T20:01:02.743Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2025-014"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to BoKS Server Agent 9.0.0.4.\n\n\u003cbr\u003e"
                }
              ],
              "value": "Upgrade to BoKS Server Agent 9.0.0.4."
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Weak Password Hash in Core Privileged Access Manager (BoKS)",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Configure the OS to use SHA512 rather than yescrypt.\n\n\u003cbr\u003e"
                }
              ],
              "value": "Configure the OS to use SHA512 rather than yescrypt."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2025-13532",
        "datePublished": "2025-12-16T20:01:02.743Z",
        "dateReserved": "2025-11-21T21:04:44.245Z",
        "dateUpdated": "2025-12-16T20:23:51.768Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-5141 (GCVE-0-2025-5141)

    Vulnerability from cvelistv5 – Published: 2025-06-17 19:30 – Updated: 2025-08-29 20:11
    VLAI
    Title
    Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache
    Summary
    A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-524 - Use of Cache Containing Sensitive Information
    Assigner
    Impacted products
    Vendor Product Version
    Fortra Core Privileged Access Manager (BoKS) Affected: 0 , ≤ 7.2.0.17 (custom)
    Affected: 0 , ≤ 8.1.0.22 (custom)
    Affected: 0 , ≤ 8.1.1.7 (custom)
    Affected: 0 , ≤ 9.0.0.1 (custom)
    Create a notification for this product.
    Credits
    Maciej Grabiec, ING Hubs Poland
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-17T19:50:23.706281Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-17T19:50:34.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Linux",
                "AIX",
                "Solaris"
              ],
              "product": "Core Privileged Access Manager (BoKS)",
              "vendor": "Fortra",
              "versions": [
                {
                  "lessThanOrEqual": "7.2.0.17",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.0.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.1.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.0.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Maciej Grabiec, ING Hubs Poland"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
                }
              ],
              "value": "A binary in the BoKS Server Agent component of Fortra\u0027s Core Privileged Access Manager (BoKS) on versions 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1) and also legacy tar installs of BoKS 7.2 without hotfix #0474 on Linux, AIX, and Solaris allows low privilege local users to dump data from the cache."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-204",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-524",
                  "description": "CWE-524: Use of Cache Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-29T20:11:13.423Z",
            "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
            "shortName": "Fortra"
          },
          "references": [
            {
              "url": "https://www.fortra.com/security/advisories/product-security/fi-2025-008"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to the latest patched version or hotfix"
                }
              ],
              "value": "Upgrade to the latest patched version or hotfix"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Core Privileged Access Manager (BoKS) Leakage of Sensitive Data via the Cache",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "assignerShortName": "Fortra",
        "cveId": "CVE-2025-5141",
        "datePublished": "2025-06-17T19:30:51.781Z",
        "dateReserved": "2025-05-23T21:18:11.239Z",
        "dateUpdated": "2025-08-29T20:11:13.423Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }