Multiple SQL Injection Vulnerabilities in CA Total Defense by CA Technologies
CVE-2011-1653

Currently unrated

Key Information:

Vendor

Broadcom

Vendor
CVE Published:
18 April 2011

What is CVE-2011-1653?

The CA Total Defense product suite is impacted by multiple SQL injection vulnerabilities present in the Unified Network Control (UNC) Server. These vulnerabilities allow remote attackers to execute arbitrary SQL commands through specific stored procedures such as UnAssignFunctionalRoles, UnassignAdminRoles, DeleteFilter, NonAssignedUserList, DeleteReportLayout, DeleteReports, and RegenerateReport. Exploiting these vulnerabilities poses a significant risk to data integrity and system availability.

References

EPSS Score

74% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.