A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server SOAP API vulnerability Delinea Secret Server (formerly Thycotic Secret Server) is a privileged access management (PAM) solution “for the modern, hybrid enterprise”. Among other things, PAM solutions can automate the provisioning and deprovisioning of privileged accounts, as well … More →

The post …

access access management admin api api vulnerability attackers auth authentication bypass critical critical vulnerability delinea don't miss enterprise extract hot stuff may on-prem organizations poc privileged accounts secret secrets server soap thycotic update vulnerability vulnerability disclosure