35 matches found
EUVD-2015-3362
Malware in sbrugna...
EUVD-2016-10596
Malware in sbrugna...
EUVD-2017-17343
Malware in sbrugna...
EUVD-2019-8857
Malware in sbrugna...
EUVD-2015-3363
Malware in sbrugna...
EUVD-2015-3364
Malware in sbrugna...
CVE-2024-38499
CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...
CVE-2024-38499 Improper Privilege Management Vulnerability in CA Client Automation 14.5
CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...
CVE-2024-38499 Improper Privilege Management Vulnerability in CA Client Automation 14.5
CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...
CVE-2024-38499
CA Client Automation (ITCM) vulnerability CVE-2024-38499 involves improper privilege management that allows non-admin/non-root users to encrypt strings via CAF CLI and SD_ACMD CLI. This could expose encryption keys and enable credential compromise. The available fix prevents non-admin/non-root us...
PT-2024-9958 · Ca · Ca Client Automation
Name of the Vulnerable Software and Affected Versions: CA Client Automation ITCM affected versions not specified Description: The issue is related to insecure privilege management in the CA Client Automation software, which allows non-admin or non-root users to encrypt strings using the CAF CLI a...
CVE-2019-19231
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges...
CVE-2019-19231
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges...
Design/Logic Flaw
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges...
CVE-2019-19231
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges...
CVE-2019-19231
CVE-2019-19231 concerns a local privilege-escalation in Broadcom/CA Client Automation Agent for Windows (versions 14.0–14.3). The available documents confirm an insecure file access path as the root cause enabling a local attacker to gain elevated privileges. The details consistently reference th...
Broadcom CA Client Automation CVE-2019-19231 Local Privilege Escalation Vulnerability
Description Broadcom CA Client Automation is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to execute arbitrary command with elevated privileges on the affected system. Broadcom CA Client Automation versions 14.0, 14.1, 14.2, 14.3 are vulnerable...
CA Client Automation Local Information Disclosure Vulnerability
CA Client Automation is a suite of automation and remote client management tools from CA, Inc.OS Installation Management component is the operating system installation management component. A security vulnerability exists in the OS Installation Management component of CA Client Automation version...
CVE-2017-8391
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system...
Design/Logic Flaw
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system...