PT-2018-18789 · Ca · Ca Privileged Access Manager

Published

2018-06-18

Updated

2021-04-12

CVE-2018-9025

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions CA Privileged Access Manager versions 2.x

Description The issue is related to an input validation vulnerability that allows remote attackers to poison log files with specially crafted input.

Recommendations For CA Privileged Access Manager versions 2.x, update to a version that includes input validation fixes to prevent log file poisoning.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-9025

Affected Products

Ca Privileged Access Manager

PT-2018-18789 · Ca · Ca Privileged Access Manager

CVE-2018-9025

Weakness Enumeration

Related Identifiers

Affected Products

References · 5