Privilege Escalation Vulnerability in CA Automic Dollar Universe by CA Technologies
CVE-2019-19544

7.8HIGH

Key Information:

Vendor: Broadcom
Status: Ca Automic Dollar Universe
Vendor: CVE Published:; 8 January 2020

What is CVE-2019-19544?

The vulnerability in CA Automic Dollar Universe 5.3.3 arises from the uxdqmsrv binary being setuid root, which enables local attackers to potentially gain elevated privileges. This issue was identified a considerable time after the product's End of Life status on April 1, 2015, highlighting concerns over legacy software security. The possibility of exploiting this flaw poses serious risks to systems still running affected versions.

Affected Version(s)

CA Automic Dollar Universe 5.3.3

References

https://github.com/itm4n/CVEs/tree/master/ca-dollaru-uxdq...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2020
Vulnerability Reserved
Dec 3, 2019

Broadcom

What is CVE-2019-19544?

Affected Version(s)

References

CVSS V3.1

Timeline