CVE-2026-45170

Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validati...

Published: 2026-06-12 · Last updated: 2026-06-12

Severity and scoring

CWE: CWE-295

Description

Idira Privilege Cloud Connector versions prior 1.1.100504 under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced. CyberArk Security Bulletin: CA26-17

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-45170
[Other]https://docs.cyberark.com/

Related CVEs

Same CWE

CVE-2026-45175 — Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes
CVE-2026-40992 — Spring Boot's Mail auto-configuration does not enable hostname verification (5.0 MEDIUM)
CVE-2026-53475 — A flaw was found in assisted-migration-agent (9.3 CRITICAL)
CVE-2026-9758 — Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered tru... (7.3 HIGH)
CVE-2026-41714 — Applications that configure their broker connection via RabbitConnectionFactoryBean.setUri("amqps://...") without also calling setUseSSL(... (4.0 MEDIUM)