CVE-2024-57967 Vault — Exploit & Vulnerability Details MEDIUM

CVE-2024-57967

MEDIUM CVSS 3.1: 4.2 EPSS 0.20%

Parameter	Value
CVSS	4.2 (MEDIUM)
Affected Versions	before 14.4
Type	CWE-266 (Incorrect Privilege Assignment)
Vendor	Vault
Public PoC	No

PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges in LDAP mapping.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

High

Difficult to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

Low

Partial data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-266 Incorrect Privilege Assignment

References 2

https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-…

cve@mitre.org

https://www.cyberark.com/ca24-15/

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-34976

Vault

10.0

CVE-2026-33722

N8N

7.3

CVE-2026-32318

Apple

5.9

CVE-2026-32317

Google

5.9

CVE-2026-32310

Vault

5.3

Menu

CVE-2024-57967

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-34976

CVE-2026-33722

CVE-2026-32318

CVE-2026-32317

CVE-2026-32310

CVE Details

Editor's Choice

Menu

CVE-2024-57967

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 2

Related Vulnerabilities

CVE-2026-34976

CVE-2026-33722

CVE-2026-32318

CVE-2026-32317

CVE-2026-32310

CVE Details

Editor's Choice

Stay informed on cybersecurity