what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
CyberArk Credential File Insufficient Effective Key Space https://packetstormsecurity.com/files/164023/KL-001-2021-008.txt https://packetstormsecurity.com/files/164023/KL-001-2021-008.txt https://packetstormsecurity.com/files/164023/CyberArk-Credential-File-Insufficient-Effective-Key-Space.html Thu, 02 Sep 2021 15:16:49 GMT CyberArk Credential Providers and possibly other Vault components use credential files to store usernames and encrypted passwords. Under certain conditions, the effective key space used to encrypt the passwords is significantly reduced. For an attacker who understands the key derivation scheme and encryption mechanics, full access to the information used to derive the encryption key is sufficient to reduce effective key space to one. With partial access, the effective key space can vary depending on the information available, and a number of those variations are unlikely to withstand brute force attacks. Versions prior to 12.1 are affected.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close