PT-2015-5919 · Ca · Ca Spectrum

Published

2015-04-08

·

Updated

2021-04-12

·

CVE-2015-2828

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions CA Spectrum versions 9.2.x through 9.3.x before 9.3 H02
Description The issue arises from improper validation of serialized Java objects, allowing remote authenticated users to gain administrative privileges by crafting malicious object data.
Recommendations For CA Spectrum versions 9.2.x through 9.3.x before 9.3 H02, update to version 9.3 H02 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2015-2828

Affected Products

Ca Spectrum