
Preface: CyberArk Identity creates a set of JavaScript objects, global variables, and global methods for each SAML user session. These objects provide information that a user map script or a custom SAML script can read and act on.
Background: Application access policies with JavaScript – If you want finer control over when users can access your application, or over when they must provide additional authentication credentials, you can use a JavaScript policy script.
If you use a policy script, the authentication rules configured in the UI are ignored.
Vulnerability details: CyberArk – CWE-602: Client-Side Enforcement of Server-Side Security
Official announcement: Please refer to the link for details – https://nvd.nist.gov/vuln/detail/CVE-2024-42340