PT-2019-18576 · Ca · Ca Privileged Access Manager

Bob Brust · Published 2019-02-26 · Updated 2021-04-12 · CVE-2019-7392

CVSS v3.1 · 9.1 · Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

CA Privileged Access Manager versions 3.x

Description

The issue is related to an improper authentication mechanism in the Web-UI jk-manager and jk-status components, allowing a remote attacker to obtain sensitive information or modify the configuration.

Recommendations

For CA Privileged Access Manager versions 3.x, consider restricting access to the jk-manager and jk-status components until a proper fix is applied. As a temporary workaround, review and strengthen authentication mechanisms to minimize the risk of exploitation.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2019-7392

Affected Products

Ca Privileged Access Manager