Spoofing Vulnerabilities in Computer Associates eTrust Security Command Center and Audit
CVE-2006-4901

Currently unrated

Key Information:

Vendor: Broadcom
Status: Etrust Audit Client; Etrust Audit Datatools; Etrust Audit Policy Manager; Etrust Security Command Center
Vendor: CVE Published:; 22 September 2006

What is CVE-2006-4901?

The eTrust Security Command Center and eTrust Audit products from Computer Associates suffer from a vulnerability that allows remote attackers to spoof alerts and perform replay attacks by manipulating the eTSAPISend.exe process with specific arguments. This can lead to unauthorized actions being perceived as legitimate, compromising system integrity and security. It is crucial for users of these products to implement security measures and updates to mitigate the associated risks.

References

http://users.tpg.com.au/adsl2dvp/advisories/200608-comput...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/29107

vdb-entryx_refsource_XF

http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=...

x_refsource_CONFIRM

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 22, 2006
Vulnerability Reserved
Sep 20, 2006

Broadcom

What is CVE-2006-4901?

References

EPSS Score

Timeline