SQL Injection Vulnerability in CA Release Automation by CA Technologies
CVE-2014-8248

Currently unrated

Key Information:

Vendor: Broadcom
Status: Release Automation
Vendor: CVE Published:; 16 December 2014

What is CVE-2014-8248?

A SQL injection vulnerability exists in CA Release Automation that permits remote authenticated users to manipulate database queries. By crafting specific SQL queries, attackers can execute arbitrary SQL commands, posing a significant risk to data integrity and application security. It's crucial for users of versions prior to 4.7.1 b448 to apply necessary security updates to mitigate this threat.

References

http://www.ca.com/us/support/ca-support-online/product-co...

x_refsource_CONFIRM

http://seclists.org/fulldisclosure/2014/Dec/55

mailing-listx_refsource_FULLDISC

http://www.kb.cert.org/vuls/id/343060

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Dec 16, 2014
Vulnerability Reserved
Oct 12, 2014

Broadcom

What is CVE-2014-8248?

References

Timeline