Description
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases.
Affected products
- CA Technologies - A Broadcom Company / CA Risk Authentication3.1.x – 3.1.x
- CA Technologies - A Broadcom Company / CA Risk Authentication9.0.x – 9.0.x
- CA Technologies - A Broadcom Company / CA Risk Authentication8.2.x – 8.2.x
- CA Technologies - A Broadcom Company / CA Risk Authentication8.1.x – 8.1.x
- CA Technologies - A Broadcom Company / CA Risk Authentication8.0.x – 8.0.x
- CA Technologies - A Broadcom Company / CA Strong Authentication9.0.x – 9.0.x
- CA Technologies - A Broadcom Company / CA Strong Authentication8.2.x – 8.2.x
- CA Technologies - A Broadcom Company / CA Strong Authentication8.1.x – 8.1.x
- CA Technologies - A Broadcom Company / CA Strong Authentication8.0.x – 8.0.x
- CA Technologies - A Broadcom Company / CA Strong Authentication7.1.x – 7.1.x
References
- MAILING_LISThttps://seclists.org/bugtraq/2019/May/66
- EXPLOIThttp://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privilege-Escalation.html
- MISChttp://www.securityfocus.com/bid/108483
- MISChttps://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190523-01--security-notice-for-ca-risk-authentication-and-ca-strong-authentication.html
- MAILING_LISThttp://seclists.org/fulldisclosure/2019/May/43