Vulnerability Description
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Ca Network Flow Analysis | < 21.2.2 |
| Microsoft | Windows Server 2012 | r2 |
| Microsoft | Windows Server 2016 | - |
| Microsoft | Windows Server 2019 | - |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2021/Dec/0Mailing ListThird Party Advisory
- https://support.broadcom.com/external/content/security-advisories/CA20211201-01-Vendor Advisory
- http://seclists.org/fulldisclosure/2021/Dec/0Mailing ListThird Party Advisory
- https://support.broadcom.com/external/content/security-advisories/CA20211201-01-Vendor Advisory
FAQ
What is CVE-2021-44050?
CVE-2021-44050 is a vulnerability with a CVSS score of 6.5 (MEDIUM). CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated ...
How severe is CVE-2021-44050?
CVE-2021-44050 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-44050?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Ca Network Flow Analysis, Microsoft Windows Server 2012, Microsoft Windows Server 2016, Microsoft Windows Server 2019.