CVE-2015-2828

Currently unrated

Key Information:

Vendor
Broadcom
Status
Spectrum
Vendor
CVE Published:
8 April 2015

Summary

CA Spectrum 9.2.x and 9.3.x before 9.3 H02 does not properly validate serialized Java objects, which allows remote authenticated users to obtain administrative privileges via crafted object data.

References

http://www.securityfocus.com/bid/73957
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/535205/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.ca.com/us/support/ca-support-online/product-co...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.