Ca · Ca Privileged Access Manager · CVE-2019-7392
**Name of the Vulnerable Software and Affected Versions**
CA Privileged Access Manager versions 3.x
**Description**
The issue is related to an improper authentication mechanism in the Web-UI jk-manager and jk-status components, allowing a remote attacker to obtain sensitive information or modify the configuration.
**Recommendations**
For CA Privileged Access Manager versions 3.x, consider restricting access to the jk-manager and jk-status components until a proper fix is applied. As a temporary workaround, review and strengthen authentication mechanisms to minimize the risk of exploitation.