Exploiting Encryption Oversights in CA Client Automation
CVE-2024-38499


Key Information:

Vendor

Broadcom

CVE Published:
17 December 2024

What is CVE-2024-38499?

CVE-2024-38499 is a significant vulnerability in CA Client Automation (ITCM) that lets non-admin/non-root users perform encryption operations through the CAF CLI and the SD_ACMD CLI. Because these less privileged users can thereby reach critical encryption keys, stored credentials are at risk of being exploited. The issue needs immediate attention, since unauthorized access to this sensitive information could have severe consequences. To mitigate the vulnerability, a fix restricts execution of the 'caf encrypt' and 'sd_acmd encrypt' commands to admin or root users only.

Affected Version(s)

CA Client Automation (ITCM) 14.5 CU7

Timeline

  • Vulnerability published

  • Vulnerability reserved

Credit

Matthias Deeg (e-mail: [email protected], Twitter/X: @matthiasdeeg)