CVE-2019-7392

An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
caCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
broadcomprivileged_access_manager
3.0.1 ≤
𝑥
≤ 3.0.3
broadcomprivileged_access_manager
3.1.1 ≤
𝑥
≤ 3.1.2
broadcomprivileged_access_manager
3.2.0 ≤
𝑥
≤ 3.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/107040
https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html
http://www.securityfocus.com/bid/107040
https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html