PatchSiren cyber security CVE debrief
CVE-2026-45170 CyberArk Software, a Palo Alto Networks Company CVE debrief
CVE-2026-45170 is a HIGH-severity vulnerability (CVSS Score: 7.5) affecting Idiria Privilege Cloud Connector versions prior to 1.1.100504. Under specific conditions and configuration scenarios, TLS certificate validation may not be fully enforced, potentially allowing for security risks. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- CyberArk Software, a Palo Alto Networks Company
- Product
- PAM SH Connector
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-12
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-12
- Advisory updated
- 2026-06-12
Who should care
Administrators and users of Idiria Privilege Cloud Connector versions prior to 1.1.100504 should be aware of this vulnerability and take necessary actions to mitigate potential risks.
Technical summary
The vulnerability is related to CWE-295, which involves improper certificate validation. This could allow for potential security risks if not properly addressed.
Defensive priority
HIGH
Recommended defensive actions
- Update Idiria Privilege Cloud Connector to version 1.1.100504 or later.
- Review and adjust configuration scenarios to ensure TLS certificate validation is fully enforced.
Evidence notes
The CVE record was obtained from [resourceLinkAnnotations:cve-org]. Additional details can be found at [resourceLinkAnnotations:nvd].
Official resources
-
CVE-2026-45170 CVE record
CVE.org
-
CVE-2026-45170 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-45170 was published on 2026-06-12T02:16:42.233Z and last modified on 2026-06-12T15:30:26.567Z.