Vulnerability Description
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Privileged Access Manager | <= 2.8.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-ManageExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/104496Third Party AdvisoryVDB Entry
- https://support.ca.com/us/product-content/recommended-reading/security-notices/cBroken Link
- http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-ManageExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/104496Third Party AdvisoryVDB Entry
- https://support.ca.com/us/product-content/recommended-reading/security-notices/cBroken Link
FAQ
What is CVE-2018-9021?
CVE-2018-9021 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
How severe is CVE-2018-9021?
CVE-2018-9021 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-9021?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Privileged Access Manager.