CVE-2021-28249

Name of the Vulnerable Software and Affected Versions: CA eHealth Performance Manager versions 6.3.2.12 and earlier

Description: The issue allows for privilege escalation via a dynamically linked shared object library. To exploit this, the ehealth user must create a malicious library in the writable RPATH, which will be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. This issue only affects products that are no longer supported by the maintainer.

Recommendations: For CA eHealth Performance Manager versions 6.3.2.12 and earlier, consider disabling the FtpCollector executable until a resolution can be determined, as these versions are no longer supported by the maintainer. At the moment, there is no information about a newer version that contains a fix for this vulnerability.