4 matches found
CVE-2024-38499
CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...
CVE-2024-38499
creationtimestamp| type| source ---|---|--- 2024-12-17 05:46:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113666581841693387 2024-12-17 08:25:17+00:00| seen| https://t.me/cvedetector/13070...
CVE-2024-38499
CA Client Automation (ITCM) vulnerability CVE-2024-38499 involves improper privilege management that allows non-admin/non-root users to encrypt strings via CAF CLI and SD_ACMD CLI. This could expose encryption keys and enable credential compromise. The available fix prevents non-admin/non-root us...
CVE-2024-38499 Improper Privilege Management Vulnerability in CA Client Automation 14.5
CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...