7 matches found
CVE-2022-33751
The CVE-2022-33751 entry affects Broadcom CA Automic Automation 12.2 and 12.3, with an insecure memory handling vulnerability in the Automic agent that could enable a remote attacker to access sensitive data. Connected sources confirm the affected product and root cause (insecure memory handling ...
CVE-2022-33753
The CVE-2022-33753 issue affects Broadcom CA Automic Automation versions 12.2 and 12.3, with an insecure file creation and handling vulnerability in the Automic agent that could allow a user to elevate privileges. Supported by PT-2022-21864, this is tied to the Automic agent’s file handling logic...
CVE-2022-33756
CVE-2022-33756 affects Broadcom/CA Automic Automation: versions 12.2 and 12.3 of the AutomationEngine are reported to contain an entropy weakness that could allow a remote attacker to potentially access sensitive data. Connected sources (NVD, Red Hat) describe the issue similarly and do not provi...
CVE-2022-33754
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. The affected product/subsystem is Automic Automation ( Broadcom ). Root cause: input validation weakness in the...
CVE-2022-33752
CA Automic Automation 12.2 and 12.3 contain a vulnerability in the Automic agent due to insufficient input validation, potentially allowing a remote attacker to execute arbitrary code. Affected products are Broadcom CA Automic Automation (Automic agent) versions 12.2/12.3. The root cause is input...
CVE-2022-33755
CA Automic Automation versions 12.2–12.3 are affected by an insecure input handling vulnerability in the Automic Agent that could allow a remote attacker to enumerate users. The PT-2022-21866 entry notes the issue stems from input handling in the Automic Agent and provides a workaround: restrict ...
CVE-2022-33750
CVE-2022-33750 affects Broadcom CA Automic Automation 12.2 and 12.3. The Automic agent has an authentication error that could allow a remote attacker to execute arbitrary commands. Documented impact is high (remote, no user interaction) per CVSS data; exploitation details are not provided in the ...