SecurityWeek reports that the Delinea security incident of Friday 12 April 2024 stemmed from a failed responsible disclosure attempt. Technical details of an authentication bypass vulnerability in the Secret Server SOAP API, along with proof-of-concept (PoC) code, were made public that day. The vulnerability has not been assigned a CVE ID. 🔗 https://www.securityweek.com/delinea-scrambles-to-patch-critical-flaw-after-failed-responsible-disclosure-attempt/

#Delinea #vulnerability #SecretServer

Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt

Delinea rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw.

SecurityWeek

Customers of Delinea's Secret Server, a privileged access management (PAM) product, are urged to apply the latest patches immediately after a critical vulnerability was discovered. The vulnerability could allow attackers to gain admin-level access, potentially compromising sensitive information belonging to an organization's top-tier staff. It affects both on-premises and cloud deployments of Secret Server.

Researcher Johnny Yu (@straight_blast) discovered the issue and attempted to disclose it to Delinea, but his efforts were unsuccessful. Delinea acknowledged the vulnerability on April 13 and released a fix in version 11.7.000001. The company also stated that there is no evidence the vulnerability was exploited before the patch was released and that customer data remained safe.

The patch release followed a seven-hour outage on April 12, which Delinea attributed to a security incident. The company did not link the disclosed vulnerability to the security incident, but did mention that SOAP (Simple Object Access Protocol) endpoints were restricted for Secret Server Cloud customers.

https://trust.delinea.com/?tcuUid=17aaf4ef-ada9-46d5-bf97-abd3b07daae3

https://docs.delinea.com/online-help/secret-server/release-notes/ss-rn-11-7-000001.htm

#cybersecurity #delinea #secretserver #vulnerability #patch #release