CVE-2019-19544

EUVD-2019-9162
CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
Affected Products (NVD)
VendorProductVersion
broadcomca_automic_dollar_universe
5.3.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/itm4n/CVEs/tree/master/ca-dollaru-uxdqmsrv-privesc
https://github.com/itm4n/CVEs/tree/master/ca-dollaru-uxdqmsrv-privesc