Information Disclosure in CA eTrust ITM by Computer Associates
CVE-2007-5439

Currently unrated

Key Information:

Vendor: Broadcom
Status: Etrust Integrated Threat Management
Vendor: CVE Published:; 13 October 2007

What is CVE-2007-5439?

The CA eTrust ITM version 8.1 has a vulnerability that involves the storage of sensitive user information in log files with easily predictable names. This design flaw allows remote attackers to access confidential data through various, unspecified means, potentially leading to unauthorized disclosure of sensitive information. Organizations using this product should assess their exposure to this risk and consider implementing appropriate security measures to safeguard their data.

References

http://securityreason.com/securityalert/3219

third-party-advisoryx_refsource_SREASON

http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf

x_refsource_MISC

http://www.securityfocus.com/bid/26012

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 13, 2007
Vulnerability Reserved
Oct 12, 2007

Broadcom

What is CVE-2007-5439?

References

Timeline