Local Credential Exposure in Unicenter Asset Management by Computer Associates
CVE-2005-0640

Currently unrated

Key Information:

Vendor: Broadcom
Status: Unicenter Asset Management
Vendor: CVE Published:; 2 March 2005

What is CVE-2005-0640?

The vulnerability found in Computer Associates' Unicenter Asset Management 4.0 stems from improper initialization of the 'Change Credentials for Database' window. This design flaw permits local users to potentially recover the SQL Admin password through various methods, thereby compromising the database security.

References

http://secunia.com/advisories/14454

third-party-advisoryx_refsource_SECUNIA

http://supportconnect.ca.com/sc/solcenter/solresults.jsp?...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Mar 4, 2005
Vulnerability published
Mar 2, 2005

Broadcom

What is CVE-2005-0640?

References

Timeline