Cyberark Conjur
5 CVEs affecting Cyberark Conjur. Latest disclosed: 2025-07-15. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-49831 | Critical | 9.8 | 2025-07-15 | An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network device can reroute aut… |
CVE-2025-49827 | Critical | 9.8 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.22.0 and Secrets Manager, Self-Hosted (for… |
CVE-2025-49828 | High | 8.8 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.21.1 and Secrets Manager, Self-Hosted (for… |
CVE-2025-49830 | Medium | 6.5 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. An authenticated attacker who is able to load policy can use the policy yaml pa… |
CVE-2025-49829 | Medium | 6.5 | 2025-07-15 | Conjur provides secrets management and application identity for infrastructure. Missing validations in Secrets Manager, Self-Hosted allows authenticated attack… |