Lucene search
K

4 matches found

NVD
NVD
added 2024/12/17 6:15 a.m.16 views

CVE-2024-38499

CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...

8.8CVSS0.00232EPSS
Exploits0References2
Circl
Circl
added 2024/12/17 5:46 a.m.8 views

CVE-2024-38499

creationtimestamp| type| source ---|---|--- 2024-12-17 05:46:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113666581841693387 2024-12-17 08:25:17+00:00| seen| https://t.me/cvedetector/13070...

8.8CVSS4.8AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2024/12/17 5:43 a.m.51 views

CVE-2024-38499

CA Client Automation (ITCM) vulnerability CVE-2024-38499 involves improper privilege management that allows non-admin/non-root users to encrypt strings via CAF CLI and SD_ACMD CLI. This could expose encryption keys and enable credential compromise. The available fix prevents non-admin/non-root us...

8.8CVSS6.6AI score0.00232EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/17 5:43 a.m.9 views

CVE-2024-38499 Improper Privilege Management Vulnerability in CA Client Automation 14.5

CA Client Automation ITCM allows non-admin/non-root users to encrypt a string using CAF CLI and SDACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to...

7.3CVSS7.1AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder