Description

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager (BoKS) can result in the selection of weak password hash algorithms.  This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain.

INFO

Published Date :

2025-12-16T20:01:02.743Z

Last Modified :

2025-12-16T20:23:51.768Z

Source :

Fortra
AFFECTED PRODUCTS

The following products are affected by CVE-2025-13532 vulnerability.

Vendors Products
Fortra
  • Boks
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13532.

URL Resource
https://www.fortra.com/security/advisories/product-security/fi-2025-014 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact