PT-2019-18578 · Ca · Ca Strong Authentication+1
Rohit Yadav
·
Publicado
2019-05-28
·
Atualizado
2020-10-06
·
CVE-2019-7394
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CA Strong Authentication versions 7.1.x through 9.0.x
CA Strong Authentication versions 8.0.x through 8.2.x
CA Risk Authentication versions 3.1.x through 9.0.x
CA Risk Authentication versions 8.0.x through 8.2.x
Description
A privilege escalation issue in the administrative user interface allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges.
Recommendations
For CA Strong Authentication versions 7.1.x through 9.0.x, update to a version that includes a fix for this issue.
For CA Strong Authentication versions 8.0.x through 8.2.x, update to a version that includes a fix for this issue.
For CA Risk Authentication versions 3.1.x through 9.0.x, update to a version that includes a fix for this issue.
For CA Risk Authentication versions 8.0.x through 8.2.x, update to a version that includes a fix for this issue.
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ca Risk Authentication
Ca Strong Authentication