Multiple SQL Injection Vulnerabilities in CA Total Defense by CA Technologies
CVE-2011-1653
Currently unrated
What is CVE-2011-1653?
The CA Total Defense product suite is impacted by multiple SQL injection vulnerabilities present in the Unified Network Control (UNC) Server. These vulnerabilities allow remote attackers to execute arbitrary SQL commands through specific stored procedures such as UnAssignFunctionalRoles, UnassignAdminRoles, DeleteFilter, NonAssignedUserList, DeleteReportLayout, DeleteReports, and RegenerateReport. Exploiting these vulnerabilities poses a significant risk to data integrity and system availability.