Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for idira_privileged_session_manager_for_ssh by paloaltonetworks

    CVE-2026-45172 (GCVE-0-2026-45172)

    Vulnerability from nvd – Published: 2026-06-11 21:41 – Updated: 2026-06-13 03:56
    VLAI
    Title
    Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command
    Summary
    Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command
    Assigner
    Impacted products
    Vendor Product Version
    CyberArk Software, a Palo Alto Networks Company PAM Self-Hosted, Privilege Cloud Affected: 14.0 , < 14.0.6 (custom)
    Affected: 14.2 , < 14.2.5 (custom)
    Affected: 14.6 , < 14.6.3 (custom)
    Affected: 15.0 , < 15.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45172",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:56:04.329Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PAM Self-Hosted, Privilege Cloud",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "14.0.6",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.0.6",
                  "status": "affected",
                  "version": "14.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "14.2.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.2.5",
                  "status": "affected",
                  "version": "14.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "14.6.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.6.3",
                  "status": "affected",
                  "version": "14.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "15.0.2",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "15.0.2",
                  "status": "affected",
                  "version": "15.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.0.6",
                      "versionStartIncluding": "14.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.2.5",
                      "versionStartIncluding": "14.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.6.3",
                      "versionStartIncluding": "14.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.2",
                      "versionStartIncluding": "15.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18"
                }
              ],
              "value": "Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T21:50:40.403Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-psmp.htm#15.0.2"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-psmp.htm#14.6.3"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-5.htm"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-6.htm"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45172",
        "datePublished": "2026-06-11T21:41:28.676Z",
        "dateReserved": "2026-05-08T23:00:57.503Z",
        "dateUpdated": "2026-06-13T03:56:04.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45172 (GCVE-0-2026-45172)

    Vulnerability from cvelistv5 – Published: 2026-06-11 21:41 – Updated: 2026-06-13 03:56
    VLAI
    Title
    Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command
    Summary
    Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command
    Assigner
    Impacted products
    Vendor Product Version
    CyberArk Software, a Palo Alto Networks Company PAM Self-Hosted, Privilege Cloud Affected: 14.0 , < 14.0.6 (custom)
    Affected: 14.2 , < 14.2.5 (custom)
    Affected: 14.6 , < 14.6.3 (custom)
    Affected: 15.0 , < 15.0.2 (custom)
    Create a notification for this product.
    Date Public
    2026-06-11 17:10
    Credits
    Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45172",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-12T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-13T03:56:04.329Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "PAM Self-Hosted, Privilege Cloud",
              "vendor": "CyberArk Software, a Palo Alto Networks Company",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "14.0.6",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.0.6",
                  "status": "affected",
                  "version": "14.0",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "14.2.5",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.2.5",
                  "status": "affected",
                  "version": "14.2",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "14.6.3",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "14.6.3",
                  "status": "affected",
                  "version": "14.6",
                  "versionType": "custom"
                },
                {
                  "changes": [
                    {
                      "at": "15.0.2",
                      "status": "unaffected"
                    }
                  ],
                  "lessThan": "15.0.2",
                  "status": "affected",
                  "version": "15.0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.0.6",
                      "versionStartIncluding": "14.0",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.2.5",
                      "versionStartIncluding": "14.2",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "14.6.3",
                      "versionStartIncluding": "14.6",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:pam_self-hosted_privilege_cloud:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "15.0.2",
                      "versionStartIncluding": "15.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue"
            }
          ],
          "datePublic": "2026-06-11T17:10:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18"
                }
              ],
              "value": "Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
                }
              ],
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "AMBER",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/U:Amber",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-11T21:50:40.403Z",
            "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            "shortName": "palo_alto"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-psmp.htm#15.0.2"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-psmp.htm#14.6.3"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-5.htm"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-6.htm"
            }
          ],
          "source": {
            "discovery": "INTERNAL"
          },
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-11T17:10:00.000Z",
              "value": "Initial publication."
            }
          ],
          "title": "Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "assignerShortName": "palo_alto",
        "cveId": "CVE-2026-45172",
        "datePublished": "2026-06-11T21:41:28.676Z",
        "dateReserved": "2026-05-08T23:00:57.503Z",
        "dateUpdated": "2026-06-13T03:56:04.329Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }