CVE-2026-45169
Awaiting Analysis
Awaiting Analysis - Queue
Privileged Access Manager Vault Denial of Service Vulnerability
Vulnerability report for CVE-2026-45169, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-12
Last updated on: 2026-06-12
Assigner: Palo Alto Networks, Inc.
Description
Description
Idira Privileged Access Manager (PAM) Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenarios, processing unexpected input could potentially lead to an unexpected service termination, resulting in a localized denial of service (DoS). CyberArk Security Bulletin: CA26-17
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cyberark | privileged_access_manager_self_hosted | to 15.0.3 (exc) |
| cyberark | privileged_access_manager_self_hosted | 15.0.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |