PT-2019-18578 · Ca · Ca Strong Authentication+1
Rohit Yadav
·
Published
2019-05-28
·
Updated
2020-10-06
·
CVE-2019-7394
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CA Strong Authentication versions 7.1.x through 9.0.x
CA Strong Authentication versions 8.0.x through 8.2.x
CA Risk Authentication versions 3.1.x through 9.0.x
CA Risk Authentication versions 8.0.x through 8.2.x
Description
A privilege escalation issue in the administrative user interface allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges.
Recommendations
For CA Strong Authentication versions 7.1.x through 9.0.x, update to a version that includes a fix for this issue.
For CA Strong Authentication versions 8.0.x through 8.2.x, update to a version that includes a fix for this issue.
For CA Risk Authentication versions 3.1.x through 9.0.x, update to a version that includes a fix for this issue.
For CA Risk Authentication versions 8.0.x through 8.2.x, update to a version that includes a fix for this issue.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ca Risk Authentication
Ca Strong Authentication