Critical Authentication Bypass Vulnerability in Delinea Secret Server Disclosed Along With PoC


On April 12, 2024, Delinea issued an advisory for a critical authentication bypass vulnerability in the SOAP API component of its Secret Server product, which ships in both Cloud and On-Premises editions. A threat actor could exploit this vulnerability to bypass authentication, gain administrative access, and extract sensitive information such as stored secrets. The advisory followed the public disclosure of the vulnerability on April 10, 2024, by a security researcher who also published a proof of concept (PoC) exploit.

At the time of writing, the vulnerability has neither an assigned Common Vulnerabilities and Exposures (CVE) identifier nor a Common Vulnerability Scoring System (CVSS) score. Delinea has stated that it has not observed active exploitation. However, because the original disclosure includes a working PoC, and because a successful bypass yields administrative access to a secrets vault, the vulnerability is likely to draw the attention of threat actors quickly.

Recommendation 

Upgrade Delinea Secret Server to Fixed Version 

Arctic Wolf strongly recommends upgrading Delinea Secret Server to the latest versions. 

Product                 Affected Version          Fixed Version
Delinea Secret Server   11.7.000000               11.7.000001
                        11.6.000025 and below     11.6.000026 or 11.7.000001
                        11.5.000002               Any of: 11.5.000003, 11.6.000026, 11.7.000001
                        Older than 11.5.000002    Download 11.5.000002, then upgrade to any of the patched versions above

 

Please follow your organization’s patching and testing guidelines to avoid operational impact. 
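The following is an added example, not code from the Arctic Wolf bulletin or from Delinea. It encodes the fixed-version table above so that an operator can classify an installed Secret Server build and get the upgrade path, including the two-step path for builds older than 11.5.000002. It assumes version strings of the form MAJOR.MINOR.BUILD as printed in the table (for example "11.6.000025"); the sample versions at the bottom are constructed for illustration, and any build outside the table's rows is reported as "not covered" rather than guessed at.

```python
"""Classify a Delinea Secret Server version against the fixed-version table
in the Arctic Wolf bulletin (added example, not vendor code)."""

from __future__ import annotations

# Fixed build per branch, taken from the bulletin's table.
FIXED = {
    (11, 5): (11, 5, 3),
    (11, 6): (11, 6, 26),
    (11, 7): (11, 7, 1),
}

# Builds older than this cannot go straight to a fixed build; the table says
# to install 11.5.000002 first and then upgrade to any patched version.
MIN_DIRECT_UPGRADE = (11, 5, 2)


def parse_version(s: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.BUILD' (assumed format) into a comparable tuple."""
    parts = s.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Secret Server version format: {s!r}")
    major, minor, build = (int(p) for p in parts)
    return (major, minor, build)


def format_version(v: tuple[int, int, int]) -> str:
    """Render a tuple back in the zero-padded form used by the table."""
    return f"{v[0]}.{v[1]}.{v[2]:06d}"


def assess(version: str) -> dict:
    """Return a verdict for one installed version.

    vulnerable: True / False, or None when the build is outside the table.
    via:        intermediate build required before the final upgrade, or None.
    fixed_options: acceptable target builds, in ascending order.
    """
    v = parse_version(version)
    result = {
        "version": format_version(v),
        "vulnerable": None,
        "via": None,
        "fixed_options": [],
    }

    # The table only covers the 11.5, 11.6 and 11.7 branches plus older builds;
    # anything newer is not covered, so do not guess.
    if v[0] != 11 or v[1] > 7:
        return result

    if v < MIN_DIRECT_UPGRADE:
        result["vulnerable"] = True
        result["via"] = format_version(MIN_DIRECT_UPGRADE)
        result["fixed_options"] = [format_version(f) for f in FIXED.values()]
        return result

    branch = (v[0], v[1])  # here always one of (11,5), (11,6), (11,7)
    fixed = FIXED[branch]
    if v >= fixed:
        result["vulnerable"] = False
        return result

    result["vulnerable"] = True
    # Any fixed build on this branch or a later branch is acceptable per the table.
    result["fixed_options"] = [
        format_version(f) for b, f in sorted(FIXED.items()) if b >= branch
    ]
    return result


if __name__ == "__main__":
    # Constructed sample versions for illustration; not real inventory data.
    for sample in ["11.4.000010", "11.5.000002", "11.6.000025", "11.7.000000",
                   "11.7.000001", "12.0.000001"]:
        r = assess(sample)
        if r["vulnerable"] is None:
            print(f"{r['version']}: not covered by the table, check the vendor advisory")
        elif not r["vulnerable"]:
            print(f"{r['version']}: fixed build, no action required")
        else:
            step = f"install {r['via']} first, then " if r["via"] else ""
            print(f"{r['version']}: VULNERABLE, {step}upgrade to one of {r['fixed_options']}")
```

The version string is taken as input deliberately rather than fetched from the server, so the script runs offline against an inventory export; how you obtain each instance's build number (console, API, or configuration management) depends on your deployment and is not shown here.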

References 

  1. Delinea Customer Email
  2. Delinea Advisory
  3. Delinea Knowledge Base Article (Remediating Vulnerability Guidance). Note: originally publicly accessible, but now requires a customer login.
  4. Security Researcher Blog Post (Original Disclosure)

Andres Ramos

Andres Ramos is a Threat Intelligence Researcher at Arctic Wolf with a strong background in tracking emerging threats and producing actionable intelligence for both technical and non-technical stakeholders. He has a diverse background encompassing various domains of cyber security, holds a degree in Cybersecurity Engineering, and is a CISSP.