A medium severity vulnerability in BeyondInsight Password Safe has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.
Product | Version |
---|---|
BeyondInsight Password Safe | 23.3 versions before the .929 hotfix |
Product | Version |
---|---|
BeyondInsight Password Safe | 24.1 and later |
BeyondInsight Password Safe | 23.3.0.929 and later |
BeyondTrust would like to acknowledge Christian Dölling for reporting this issue.