Vulnerability Description
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.
CVSS Score
7.3
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Ca Client Automation | 14.0 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/155758/CA-Client-Automation-14.x-Privilege-Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2020/Jan/5Mailing ListThird Party Advisory
- https://seclists.org/bugtraq/2019/Dec/41Mailing ListThird Party Advisory
- https://techdocs.broadcom.com/us/product-content/recommended-reading/security-noVendor Advisory
- http://packetstormsecurity.com/files/155758/CA-Client-Automation-14.x-Privilege-Third Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2020/Jan/5Mailing ListThird Party Advisory
- https://seclists.org/bugtraq/2019/Dec/41Mailing ListThird Party Advisory
- https://techdocs.broadcom.com/us/product-content/recommended-reading/security-noVendor Advisory
FAQ
What is CVE-2019-19231?
CVE-2019-19231 is a vulnerability with a CVSS score of 7.3 (HIGH). An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.
How severe is CVE-2019-19231?
CVE-2019-19231 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-19231?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Ca Client Automation, Microsoft Windows.