CVE-2017-11197

HIGH EPSS 57.9%

Published May 3, 20233y ago · Modified Jun 17, 20261w ago

7.8 CVSS 3.1

High

Published May 3, 2023 3y ago

Last Modified Jun 17, 2026 1w ago

Description

In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.

CVSS Details

Base Score

7.8

Exploitability

1.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

57.9% percentile

Exploit & Patch Status

Public Exploit Known

No Patch Available

Affected Products 2

Vendor	Product	Version	Range
cyberark	viewfinity	*	≥6.0 – <6.1.1.220
cyberark	viewfinity	5.5.10.95	any

References 2

lp.cyberark.com http://lp.cyberark.com/rs/316-CZP-275/images/ds-Viewfinity-102315-web.pdf

Product
exploit-db.com https://www.exploit-db.com/exploits/42319

ExploitThird Party AdvisoryVDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.