Search
Find a vulnerability
Search criteria
12 vulnerabilities found for Secret Server by Delinea
CVE-2025-6943 (GCVE-0-2025-6943)
Vulnerability from nvd – Published: 2025-07-02 15:45 – Updated: 2025-07-02 15:59
VLAI
Summary
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
0 , ≤ 11.7
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T15:59:37.052875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:59:43.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"lessThanOrEqual": "11.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "NCIA researchers"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSecret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:45:01.702Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2025-6943",
"datePublished": "2025-07-02T15:45:01.702Z",
"dateReserved": "2025-06-30T22:28:29.744Z",
"dateUpdated": "2025-07-02T15:59:43.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6942 (GCVE-0-2025-6942)
Vulnerability from nvd – Published: 2025-07-02 15:49 – Updated: 2025-07-02 19:46
VLAI
Summary
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/?tcuUid=2b68edca-7930-4… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
0 , ≤ 11.7.49
(Secret Server)
Affected: 0 , ≤ 8.4.39.0 (Distributed Engine) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T15:58:09.266658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:58:13.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Distributed Engine"
],
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"lessThanOrEqual": "11.7.49",
"status": "affected",
"version": "0",
"versionType": "Secret Server"
},
{
"lessThanOrEqual": "8.4.39.0",
"status": "affected",
"version": "0",
"versionType": "Distributed Engine"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "NCIA researchers"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
}
],
"value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
}
],
"impacts": [
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T19:46:25.837Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/?tcuUid=2b68edca-7930-438d-b960-2d6da07cdde9"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2025-6942",
"datePublished": "2025-07-02T15:49:16.894Z",
"dateReserved": "2025-06-30T22:28:26.930Z",
"dateUpdated": "2025-07-02T19:46:25.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12908 (GCVE-0-2024-12908)
Vulnerability from nvd – Published: 2024-12-26 15:45 – Updated: 2024-12-27 14:22
VLAI
Summary
Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a remote attacker may be able to convince a user to visit a malicious web-page, or open a
malicious document which could trigger the vulnerable handler, allowing them to execute
arbitrary code on the user's machine. Delinea added additional validation that the downloaded installer's batch file was in the expected format.
Severity
6.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/ | vendor-advisory |
| https://blog.amberwolf.com/blog/2024/december/cve… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
11.7.31
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12908",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:22:42.484455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:22:58.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Protocol Handler"
],
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "11.7.31"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "David Cash and Richard Warren of Amber Wolf"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Delinea a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eddressed a reported case on Secret Server v11.7.31 (protocol handler version\u003c/span\u003e\u0026nbsp;6.0.3.26)\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u0026nbsp;\u003c/span\u003eremote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelinea a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edded additional validation that the downloaded installer\u0027s batch file was in the expected format.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version\u00a06.0.3.26)\u00a0where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u00a0remote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u00a0Delinea added additional validation that the downloaded installer\u0027s batch file was in the expected format."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T15:45:39.592Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000049.htm"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2024-12908",
"datePublished": "2024-12-26T15:45:39.592Z",
"dateReserved": "2024-12-23T16:24:16.226Z",
"dateUpdated": "2024-12-27T14:22:58.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25652 (GCVE-0-2024-25652)
Vulnerability from nvd – Published: 2024-03-14 00:00 – Updated: 2025-05-20 14:46
VLAI
Summary
In Delinea PAM Secret Server 11.4, it is possible for a user assigned "Administer Reports" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652 | third-party-advisory |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/ | vendor-advisory |
| https://docs.delinea.com/online-help/secret-serve… | productrelated |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
11.4
|
|
| delinea_pam | secret_server |
Affected:
11.4
cpe:2.3:a:delinea_pam:secret_server:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:delinea_pam:secret_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secret_server",
"vendor": "delinea_pam",
"versions": [
{
"status": "affected",
"version": "11.4"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T15:37:14.867622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:46:12.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "11.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Agenzia Per La Cybersicurezza Nazionale"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Delinea PAM Secret Server 11.4, it is possible for a user assigned \"Administer Reports\" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality.\u003c/p\u003e"
}
],
"value": "In Delinea PAM Secret Server 11.4, it is possible for a user assigned \"Administer Reports\" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T20:21:52.748Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ssc-rn-2024-02-10.htm"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/"
},
{
"tags": [
"product",
"related"
],
"url": "https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm?Highlight=unlimited%20admin"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm?Highlight=unlimited%20admin\"\u003eproduct hardening guidelines\u003c/a\u003e\u0026nbsp;(LINKED) for recommended use of unlimited admin mode, update to Secret Server Cloud versions 2024-02-10 or later.\u0026nbsp;"
}
],
"value": "Follow product hardening guidelines https://https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm \u00a0(LINKED) for recommended use of unlimited admin mode, update to Secret Server Cloud versions 2024-02-10 or later."
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25652",
"datePublished": "2024-03-14T00:00:00.000Z",
"dateReserved": "2024-02-09T00:00:00.000Z",
"dateUpdated": "2025-05-20T14:46:12.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4589 (GCVE-0-2023-4589)
Vulnerability from nvd – Published: 2023-09-06 11:48 – Updated: 2024-09-26 17:56
VLAI
Title
Insufficient verification of data authenticity vulnerability in Delinea Secret Server
Summary
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
v10.9.000002
|
Date Public
2023-09-06 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T17:55:50.932986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:56:10.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "v10.9.000002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "H\u00e9ctor de Armas Padr\u00f3n (@3v4SI0N)"
}
],
"datePublic": "2023-09-06T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update."
}
],
"value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T11:48:59.706Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4589",
"datePublished": "2023-09-06T11:48:59.706Z",
"dateReserved": "2023-08-29T07:44:09.417Z",
"dateUpdated": "2024-09-26T17:56:10.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4588 (GCVE-0-2023-4588)
Vulnerability from nvd – Published: 2023-09-06 11:43 – Updated: 2024-09-06 14:12
VLAI
Title
File accessibility vulnerability in Delinea Secret Server
Summary
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
v10.9.000002
Affected: v11.4.000002 |
Date Public
2023-09-06 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T14:07:06.809136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:12:59.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "v10.9.000002"
},
{
"status": "affected",
"version": "v11.4.000002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "H\u00e9ctor de Armas Padr\u00f3n (@3v4SI0N)"
}
],
"datePublic": "2023-09-06T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"impacts": [
{
"capecId": "CAPEC-150",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-150 Collect Data from Common Resource Locations"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T11:43:19.278Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "File accessibility vulnerability in Delinea Secret Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4588",
"datePublished": "2023-09-06T11:43:19.278Z",
"dateReserved": "2023-08-29T07:44:07.813Z",
"dateUpdated": "2024-09-06T14:12:59.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6942 (GCVE-0-2025-6942)
Vulnerability from cvelistv5 – Published: 2025-07-02 15:49 – Updated: 2025-07-02 19:46
VLAI
Summary
The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/?tcuUid=2b68edca-7930-4… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
0 , ≤ 11.7.49
(Secret Server)
Affected: 0 , ≤ 8.4.39.0 (Distributed Engine) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6942",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T15:58:09.266658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:58:13.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Distributed Engine"
],
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"lessThanOrEqual": "11.7.49",
"status": "affected",
"version": "0",
"versionType": "Secret Server"
},
{
"lessThanOrEqual": "8.4.39.0",
"status": "affected",
"version": "0",
"versionType": "Distributed Engine"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "NCIA researchers"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
}
],
"value": "The distributed engine versions 8.4.39.0 and earlier of Secret Server versions 11.7.49 and earlier can be exploited during an initial authorization event that would allow an attacker to impersonate another distributed engine."
}
],
"impacts": [
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T19:46:25.837Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/?tcuUid=2b68edca-7930-438d-b960-2d6da07cdde9"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2025-6942",
"datePublished": "2025-07-02T15:49:16.894Z",
"dateReserved": "2025-06-30T22:28:26.930Z",
"dateUpdated": "2025-07-02T19:46:25.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6943 (GCVE-0-2025-6943)
Vulnerability from cvelistv5 – Published: 2025-07-02 15:45 – Updated: 2025-07-02 15:59
VLAI
Summary
Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
0 , ≤ 11.7
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6943",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T15:59:37.052875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:59:43.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"lessThanOrEqual": "11.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "NCIA researchers"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSecret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Secret Server version 11.7 and earlier is vulnerable to a SQL report creation vulnerability that allows an administrator to gain access to restricted tables."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:45:01.702Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000060.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000061.htm"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server-changelog/secret-server-change-log.htm?cshid=secret-server-changelog#Friday,_November_22,_2024"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2025-6943",
"datePublished": "2025-07-02T15:45:01.702Z",
"dateReserved": "2025-06-30T22:28:29.744Z",
"dateUpdated": "2025-07-02T15:59:43.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12908 (GCVE-0-2024-12908)
Vulnerability from cvelistv5 – Published: 2024-12-26 15:45 – Updated: 2024-12-27 14:22
VLAI
Summary
Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URI's were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a remote attacker may be able to convince a user to visit a malicious web-page, or open a
malicious document which could trigger the vulnerable handler, allowing them to execute
arbitrary code on the user's machine. Delinea added additional validation that the downloaded installer's batch file was in the expected format.
Severity
6.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/ | vendor-advisory |
| https://blog.amberwolf.com/blog/2024/december/cve… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
11.7.31
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12908",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T14:22:42.484455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T14:22:58.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Protocol Handler"
],
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "11.7.31"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "David Cash and Richard Warren of Amber Wolf"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Delinea a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eddressed a reported case on Secret Server v11.7.31 (protocol handler version\u003c/span\u003e\u0026nbsp;6.0.3.26)\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u0026nbsp;\u003c/span\u003eremote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelinea a\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edded additional validation that the downloaded installer\u0027s batch file was in the expected format.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version\u00a06.0.3.26)\u00a0where, within the protocol handler function, URI\u0027s were compared before normalization and canonicalization, potentially leading to over matching against the approved list. If this attack were successfully exploited, a\u00a0remote attacker may be able to convince a user to visit a malicious web-page, or open a\nmalicious document which could trigger the vulnerable handler, allowing them to execute\narbitrary code on the user\u0027s machine.\u00a0Delinea added additional validation that the downloaded installer\u0027s batch file was in the expected format."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-26T15:45:39.592Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000049.htm"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"assignerShortName": "Delinea",
"cveId": "CVE-2024-12908",
"datePublished": "2024-12-26T15:45:39.592Z",
"dateReserved": "2024-12-23T16:24:16.226Z",
"dateUpdated": "2024-12-27T14:22:58.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25652 (GCVE-0-2024-25652)
Vulnerability from cvelistv5 – Published: 2024-03-14 00:00 – Updated: 2025-05-20 14:46
VLAI
Summary
In Delinea PAM Secret Server 11.4, it is possible for a user assigned "Administer Reports" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652 | third-party-advisory |
| https://docs.delinea.com/online-help/secret-serve… | release-notes |
| https://trust.delinea.com/ | vendor-advisory |
| https://docs.delinea.com/online-help/secret-serve… | productrelated |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
11.4
|
|
| delinea_pam | secret_server |
Affected:
11.4
cpe:2.3:a:delinea_pam:secret_server:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:delinea_pam:secret_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "secret_server",
"vendor": "delinea_pam",
"versions": [
{
"status": "affected",
"version": "11.4"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25652",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T15:37:14.867622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T14:46:12.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "11.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Agenzia Per La Cybersicurezza Nazionale"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Delinea PAM Secret Server 11.4, it is possible for a user assigned \"Administer Reports\" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality.\u003c/p\u003e"
}
],
"value": "In Delinea PAM Secret Server 11.4, it is possible for a user assigned \"Administer Reports\" permission and/or with access to Report functionality via UNLIMITED ADMIN MODE (with access to the Report functionality) to gain unauthorized access to remote sessions created by legitimate users through information obtained from the Custom Legacy Report functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T20:21:52.748Z",
"orgId": "1443cd92-d354-46d2-9290-d812316ca43a",
"shortName": "Delinea"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25652"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.delinea.com/online-help/secret-server/release-notes/ssc-rn-2024-02-10.htm"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://trust.delinea.com/"
},
{
"tags": [
"product",
"related"
],
"url": "https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm?Highlight=unlimited%20admin"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm?Highlight=unlimited%20admin\"\u003eproduct hardening guidelines\u003c/a\u003e\u0026nbsp;(LINKED) for recommended use of unlimited admin mode, update to Secret Server Cloud versions 2024-02-10 or later.\u0026nbsp;"
}
],
"value": "Follow product hardening guidelines https://https://docs.delinea.com/online-help/secret-server/admin/unlimited-administration-mode/index.htm \u00a0(LINKED) for recommended use of unlimited admin mode, update to Secret Server Cloud versions 2024-02-10 or later."
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-25652",
"datePublished": "2024-03-14T00:00:00.000Z",
"dateReserved": "2024-02-09T00:00:00.000Z",
"dateUpdated": "2025-05-20T14:46:12.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4589 (GCVE-0-2023-4589)
Vulnerability from cvelistv5 – Published: 2023-09-06 11:48 – Updated: 2024-09-26 17:56
VLAI
Title
Insufficient verification of data authenticity vulnerability in Delinea Secret Server
Summary
Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
v10.9.000002
|
Date Public
2023-09-06 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T17:55:50.932986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T17:56:10.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "v10.9.000002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "H\u00e9ctor de Armas Padr\u00f3n (@3v4SI0N)"
}
],
"datePublic": "2023-09-06T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update."
}
],
"value": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T11:48:59.706Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient verification of data authenticity vulnerability in Delinea Secret Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4589",
"datePublished": "2023-09-06T11:48:59.706Z",
"dateReserved": "2023-08-29T07:44:09.417Z",
"dateUpdated": "2024-09-26T17:56:10.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4588 (GCVE-0-2023-4588)
Vulnerability from cvelistv5 – Published: 2023-09-06 11:43 – Updated: 2024-09-06 14:12
VLAI
Title
File accessibility vulnerability in Delinea Secret Server
Summary
File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application's webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Delinea | Secret Server |
Affected:
v10.9.000002
Affected: v11.4.000002 |
Date Public
2023-09-06 10:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:31:06.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-06T14:07:06.809136Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:12:59.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Secret Server",
"vendor": "Delinea",
"versions": [
{
"status": "affected",
"version": "v10.9.000002"
},
{
"status": "affected",
"version": "v11.4.000002"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "H\u00e9ctor de Armas Padr\u00f3n (@3v4SI0N)"
}
],
"datePublic": "2023-09-06T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"value": "File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. Exploitation of this vulnerability could allow an authenticated user with administrative privileges to create a backup file in the application\u0027s webroot directory, changing the default backup directory to the wwwroot folder, and download it with some configuration files such as encryption.config/ and database.config stored in the wwwroot directory, exposing the database credentials in plain text."
}
],
"impacts": [
{
"capecId": "CAPEC-150",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-150 Collect Data from Common Resource Locations"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T11:43:19.278Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-delinea-secret-server"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "File accessibility vulnerability in Delinea Secret Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4588",
"datePublished": "2023-09-06T11:43:19.278Z",
"dateReserved": "2023-08-29T07:44:07.813Z",
"dateUpdated": "2024-09-06T14:12:59.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}