CVE-2017-9393

Sažetak

CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.

Reference

http://www.securityfocus.com/bid/100956
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.html

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-10-2017 - 14:10

Objavljeno

22-09-2017 - 14:29