Fortra Core Privileged Access Manager (BoKS) Sensitive Data Leakage Vulnerability

Vulnerability

A vulnerability exists in the BoKS Server Agent component of Fortra's Core Privileged Access Manager (BoKS) on Linux, AIX, and Solaris. Affected versions include 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1), and legacy tar installs of BoKS 7.2 without hotfix #0474. This vulnerability allows low-privileged local users to dump sensitive data from the cache.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information cached by the BoKS Server Agent.

Added: Jun 17, 2025, 8:16 PM
Updated: Jun 17, 2025, 8:52 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 0.0
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.