Required CVE Record Information
Description
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 9.8 | CRITICAL | 3.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Product Status
Learn moreVersions 1 Total
Default Status: unknown
affected
Versions 1 Total
Default Status: unknown
affected
References 4 Total
- https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/new-security-notice-ca-20190930-01-security-notice-for-ca-network-flow-analysis.html
- seclists.org: 20191003 CA20190930-01: Security Notice for CA Network Flow Analysis mailing-list
- seclists.org: 20191004 CA20190930-01: Security Notice for CA Network Flow Analysis mailing-list
- http://packetstormsecurity.com/files/154739/CA-Network-Flow-Analysis-9.x-10.0.x-Remote-Command-Execution.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/new-security-notice-ca-20190930-01-security-notice-for-ca-network-flow-analysis.html x_transferred
- seclists.org: 20191003 CA20190930-01: Security Notice for CA Network Flow Analysis mailing-listx_transferred
- seclists.org: 20191004 CA20190930-01: Security Notice for CA Network Flow Analysis mailing-listx_transferred
- http://packetstormsecurity.com/files/154739/CA-Network-Flow-Analysis-9.x-10.0.x-Remote-Command-Execution.html x_transferred