Privilege Escalation Vulnerability in CA Technologies CA Strong Authentication and CA Risk Authentication
CVE-2019-7394

8.8HIGH

Key Information:

Vendor: Ca Technologies, A Broadcom Company
Status: Ca Strong Authentication; Ca Risk Authentication
Vendor: CVE Published:; 28 May 2019

What is CVE-2019-7394?

A privilege escalation vulnerability exists in the administrative interface of CA Technologies' CA Strong Authentication and CA Risk Authentication products. This issue allows an authenticated attacker to potentially gain elevated privileges, particularly in scenarios where user accounts possess customized or limited access rights. The impacted product versions include multiple iterations of CA Strong Authentication and CA Risk Authentication, making it crucial for users to review their security settings and apply relevant patches to mitigate this risk.

Affected Version(s)

CA Risk Authentication 9.0.x

CA Risk Authentication 8.2.x

CA Risk Authentication 8.1.x

References

https://seclists.org/bugtraq/2019/May/66

mailing-listx_refsource_BUGTRAQ

http://packetstormsecurity.com/files/153089/CA-Risk-Stron...

x_refsource_MISC

http://www.securityfocus.com/bid/108483

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 28, 2019
Vulnerability Reserved
Feb 4, 2019

Ca Technologies, A Broadcom Company

What is CVE-2019-7394?

Affected Version(s)

References

CVSS V3.1

Timeline