CVE-2018-15691

Description

Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.

Affected products

• CA Technologies / Release Automation6.5 and earlier – 6.5 and earlier

References

• MISChttp://www.securitytracker.com/id/1041591
• EXPLOIThttps://www.exploit-db.com/exploits/45425/
• MISChttps://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-03--security-notice-for-ca-release-automation.html
• MISChttp://www.securityfocus.com/bid/105197