CVE-2025-22274 - Vulnerability Details - OpenCVE

It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction Active

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://cert.pl/en/posts/2025/02/CVE-2025-22270/
https://cert.pl/posts/2025/02/CVE-2025-22270/
https://docs.cyberark.com/epm/24.7.1/en/content/resources/_topnav/cc_home.htm

History

Thu, 13 Mar 2025 08:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 28 Feb 2025 13:00:00 +0000

Type	Values Removed	Values Added
Description		It is possible to inject HTML code into the page content using the "content" field in the "Application definition" page. This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.
Title		HTML injection in CyberArk Endpoint Privilege Manager
Weaknesses		CWE-80
References		https://cert.pl/en/posts/2025/02/CVE-2025-22270/ https://cert.pl/posts/2025/02/CVE-2025-22270/ https://docs.cyberark.com/epm/24.7.1/en/content/resources/_topnav/cc_home.htm
Metrics		cvssV4_0 `{'score': 2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published: 2025-02-28T12:34:08.548Z

Updated: 2025-03-12T19:50:46.032Z

Reserved: 2025-01-02T13:12:19.642Z

Link: CVE-2025-22274

Vulnrichment

Updated: 2025-02-28T13:01:46.444Z

NVD

Status : Awaiting Analysis

Published: 2025-02-28T13:15:28.067

Modified: 2025-03-05T16:15:38.243

Link: CVE-2025-22274

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-22274", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "state": "PUBLISHED", "assignerShortName": "CERT-PL", "dateReserved": "2025-01-02T13:12:19.642Z", "datePublished": "2025-02-28T12:34:08.548Z", "dateUpdated": "2025-03-12T19:50:46.032Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "platforms": ["SaaS"], "product": "Endpoint Privilege Manager", "vendor": "CyberArk", "versions": [{"status": "affected", "version": "24.7.1"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Karol Mazurek (Afine Team)"}, {"lang": "en", "type": "finder", "value": "Maksymilian Kubiak (Afine Team)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>It is possible to inject HTML code into the page content using the \"content\" field in the \"Application definition\" page.<br></p><p>This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.</p>"}], "value": "It is possible to inject HTML code into the page content using the \"content\" field in the \"Application definition\" page.\n\n\nThis issue affects\u00a0CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown.\u00a0After multiple attempts to contact the vendor we did not receive any answer."}], "impacts": [{"capecId": "CAPEC-113", "descriptions": [{"lang": "en", "value": "CAPEC-113 Interface Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 2, "baseSeverity": "LOW", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2025-03-05T15:53:46.747Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://cert.pl/en/posts/2025/02/CVE-2025-22270/"}, {"tags": ["third-party-advisory"], "url": "https://cert.pl/posts/2025/02/CVE-2025-22270/"}, {"tags": ["product"], "url": "https://docs.cyberark.com/epm/24.7.1/en/content/resources/_topnav/cc_home.htm"}], "source": {"discovery": "UNKNOWN"}, "tags": ["exclusively-hosted-service"], "title": "HTML injection in CyberArk Endpoint Privilege Manager", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-28T13:01:22.657029Z", "id": "CVE-2025-22274", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-12T19:50:46.032Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-22274", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-28T13:01:22.657029Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-28T13:01:46.444Z"}}], "cna": {"tags": ["exclusively-hosted-service"], "title": "HTML injection in CyberArk Endpoint Privilege Manager", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Karol Mazurek (Afine Team)"}, {"lang": "en", "type": "finder", "value": "Maksymilian Kubiak (Afine Team)"}], "impacts": [{"capecId": "CAPEC-113", "descriptions": [{"lang": "en", "value": "CAPEC-113 Interface Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "CyberArk", "product": "Endpoint Privilege Manager", "versions": [{"status": "affected", "version": "24.7.1"}], "platforms": ["SaaS"], "defaultStatus": "unknown"}], "references": [{"url": "https://cert.pl/en/posts/2025/02/CVE-2025-22270/", "tags": ["third-party-advisory"]}, {"url": "https://cert.pl/posts/2025/02/CVE-2025-22270/", "tags": ["third-party-advisory"]}, {"url": "https://docs.cyberark.com/epm/24.7.1/en/content/resources/_topnav/cc_home.htm", "tags": ["product"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "It is possible to inject HTML code into the page content using the \"content\" field in the \"Application definition\" page.\n\n\nThis issue affects\u00a0CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown.\u00a0After multiple attempts to contact the vendor we did not receive any answer.", "supportingMedia": [{"type": "text/html", "value": "<p>It is possible to inject HTML code into the page content using the \"content\" field in the \"Application definition\" page.<br></p><p>This issue affects CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown. After multiple attempts to contact the vendor we did not receive any answer.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2025-03-05T15:53:46.747Z"}}}, "cveMetadata": {"cveId": "CVE-2025-22274", "state": "PUBLISHED", "dateUpdated": "2025-03-12T19:50:46.032Z", "dateReserved": "2025-01-02T13:12:19.642Z", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "datePublished": "2025-02-28T12:34:08.548Z", "assignerShortName": "CERT-PL"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "cvd@cert.pl", "tags": ["exclusively-hosted-service"]}], "descriptions": [{"lang": "en", "value": "It is possible to inject HTML code into the page content using the \"content\" field in the \"Application definition\" page.\n\n\nThis issue affects\u00a0CyberArk Endpoint Privilege Manager in SaaS version 24.7.1. The status of other versions is unknown.\u00a0After multiple attempts to contact the vendor we did not receive any answer."}, {"lang": "es", "value": "Es posible inyectar c\u00f3digo HTML en el contenido de la p\u00e1gina mediante el campo \"contenido\" en la p\u00e1gina \"Definici\u00f3n de la aplicaci\u00f3n\". Este problema afecta a CyberArk Endpoint Privilege Manager en la versi\u00f3n SaaS 24.7.1. Se desconoce el estado de otras versiones. Despu\u00e9s de varios intentos de comunicarnos con el proveedor, no recibimos ninguna respuesta."}], "id": "CVE-2025-22274", "lastModified": "2025-03-05T16:15:38.243", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.0, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cvd@cert.pl", "type": "Secondary"}]}, "published": "2025-02-28T13:15:28.067", "references": [{"source": "cvd@cert.pl", "url": "https://cert.pl/en/posts/2025/02/CVE-2025-22270/"}, {"source": "cvd@cert.pl", "url": "https://cert.pl/posts/2025/02/CVE-2025-22270/"}, {"source": "cvd@cert.pl", "url": "https://docs.cyberark.com/epm/24.7.1/en/content/resources/_topnav/cc_home.htm"}], "sourceIdentifier": "cvd@cert.pl", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-80"}], "source": "cvd@cert.pl", "type": "Secondary"}]}