Dennis Mantz

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue is related to insufficient input validation in the Automic agent, which could allow a remote attacker to potentially execute arbitrary code. **Recommendations** For CA Automic Automation versions 12.2 through 12.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue is related to an authentication error in the Automic agent, which could allow a remote attacker to potentially execute arbitrary commands. **Recommendations** For CA Automic Automation versions 12.2 and 12.3, consider restricting access to the Automic agent until a fix is available. As a temporary workaround, consider disabling remote access to the Automic agent to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue is related to insecure memory handling in the Automic agent, which could allow a remote attacker to potentially access sensitive data. **Recommendations** For CA Automic Automation versions 12.2 through 12.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue is related to insecure input handling in the Automic Agent, which could allow a remote attacker to potentially enumerate users. **Recommendations** For CA Automic Automation versions 12.2 through 12.3, consider restricting access to the Automic Agent to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue concerns an insecure file creation and handling vulnerability in the Automic agent. This could potentially allow a user to elevate privileges. **Recommendations** For versions 12.2 and 12.3, update to a version that includes a fix for the insecure file creation and handling vulnerability in the Automic agent. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA Automic Automation versions 12.2 through 12.3 **Description** The issue is related to insufficient input validation in the Automic agent, which could allow a remote attacker to potentially execute arbitrary code. **Recommendations** For CA Automic Automation versions 12.2 through 12.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Frappe versions prior to 7.1.28 **Description** The issue allows remote authenticated users to execute arbitrary SQL commands via the `fields` parameter in the `frappe.share.get users` function. **Recommendations** For versions prior to 7.1.28, update to version 7.1.28 or later to resolve the issue.