PT-2006-7243 · Ca · Ca Brightstor Portal+4

Published: 2006-12-20 · Updated: 2021-04-07 · CVE-2006-6641

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

CA CleverPath Portal versions prior to 4.71.001 179 060830
CA BrightStor Portal version r11.1
CA CleverPath Aion BPM versions prior to r10.3
CA eTrust Security Command Center versions r1 and r8
CA Unicenter (affected versions not specified)

Description

The issue arises when multiple Portal servers are started simultaneously and share the same data store, potentially causing a Portal user to inherit the session and credentials of a user on another Portal server. This could lead to unauthorized access.

Recommendations

For CA CleverPath Portal versions prior to 4.71.001 179 060830, update to version 4.71.001 179 060830 or later.
For CA BrightStor Portal version r11.1, consider upgrading to a version that incorporates the fix for CA CleverPath Portal.
For CA CleverPath Aion BPM versions prior to r10.3, update to version r10.3 or later.
For CA eTrust Security Command Center versions r1 and r8, apply the necessary patches or updates to address the issue.
For CA Unicenter, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2006-6641

Affected Products

Ca Brightstor Portal
Ca Cleverpath Aion Bpm
Ca Cleverpath Portal
Ca Unicenter
Ca Etrust Security Command Center