Remote Command Execution Vulnerability in CA Performance Management
CVE-2019-13657
9.8CRITICAL
Key Information:
- Vendor
- CVE Published:
- 17 October 2019
What is CVE-2019-13657?
The software CA Performance Management versions 3.5.x, 3.6.x prior to 3.6.9, and 3.7.x prior to 3.7.4 are susceptible to a critical security flaw that stems from the use of default credentials. This vulnerability can be exploited by remote attackers to execute arbitrary commands on the system, leading to a complete compromise of system integrity. It's essential for users to ensure proper credential management and apply the necessary patches to mitigate potential risks associated with this vulnerability.
Affected Version(s)
CA Performance Management 3.5.x
CA Performance Management 3.6.x before 3.6.9
CA Performance Management 3.7.x before 3.7.4