Delinea releases Secret Server patches addressing critical vulnerability

Customers of Delinea’s Secret Server are being urged to upgrade their installations immediately after a critical vulnerability was discovered by researcher Johnny Yu. The vulnerability could allow attackers to gain admin-level access and, with it, reach an organization’s most sensitive data. Delinea has released patches for the vulnerability, but questions remain about how the incident was handled and how transparently its outcome has been reported.

Article Summary:

Customers of Delinea’s Secret Server are being urged to upgrade their installations immediately after a researcher discovered a critical vulnerability that could allow attackers to gain admin-level access. The vulnerability, which affects both on-prem and cloud deployments of Secret Server, was found by researcher Johnny Yu. Delinea released a patch for the vulnerability in the latest version (11.7.000001) but did not credit Yu for the discovery. The release of the patch followed a seven-hour outage on April 12, during which Delinea blocked traffic to an endpoint it described as containing a security concern. Infosec expert Kevin Beaumont confirmed that the disruption was related to the vulnerability. The exploit allowed attackers to craft a serialized API token carrying the admin role, granting access to protected resources. Despite Yu’s attempts to disclose the vulnerability to Delinea, the vendor did not open a case or respond to his responsible disclosure attempts. Delinea has since patched the vulnerability and provided a remediation guide for on-premise customers.

In a statement, Delinea confirmed the vulnerability in Secret Server, stating that both the Delinea Platform and Secret Server Cloud have been patched and are no longer vulnerable. The company conducted reviews for any evidence of compromised data and found no evidence of exploitation. Questions remain about the transparency of the incident and whether customer data was compromised. Ongoing updates will be posted on trust.delinea.com.
