PT-2018-12202 · Ca · Ca Unified Infrastructure Management

Published

2018-08-30

Updated

2018-10-19

CVE-2018-13819

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions CA Unified Infrastructure Management versions 8.4.7 through 8.5.1

Description A hardcoded secret key in the software allows attackers to access sensitive information.

Recommendations For CA Unified Infrastructure Management versions 8.4.7 through 8.5.1, update to a version that does not contain the hardcoded secret key to prevent unauthorized access to sensitive information.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2018-13819

Affected Products

Ca Unified Infrastructure Management

PT-2018-12202 · Ca · Ca Unified Infrastructure Management

CVE-2018-13819

Weakness Enumeration

Related Identifiers

Affected Products

References · 4