CVE-2018-8954

CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
caCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
VendorProductVersion
caworkload_control_center
𝑥
≤ r11.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103742
http://www.securitytracker.com/id/1040605
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html
http://www.securityfocus.com/bid/103742
http://www.securitytracker.com/id/1040605
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html