Design/Logic Flaw

2019-10-0217:15:00

PRIOn knowledge base

www.prio-n.com

9.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.0%

JSON

CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.

CPENameOperatorVersion
network_flow_analysisge9.3.1
network_flow_analysisle9.5.0
network_flow_analysiseq10.0.0

Name	Operator	Version
network_flow_analysis	ge	9.3.1
network_flow_analysis	le	9.5.0
network_flow_analysis	eq	10.0.0

References

packetstormsecurity.com/files/154739/CA-Network-Flow-Analysis-9.x-10.0.x-Remote-Command-Execution.html

seclists.org/fulldisclosure/2019/Oct/6

seclists.org/bugtraq/2019/Oct/4

techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/new-security-notice-ca-20190930-01-security-notice-for-ca-network-flow-analysis.html