CVE-2006-6641
First published: Wed Dec 20 2006(Updated: )
Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Unicenter Enterprise Job Manager | =r1_sp3 | |
| CleverPath Aion BPM | =r10.2 | |
| CleverPath Aion BPM | =r10 | |
| CleverPath Portal | =r4.71 | |
| CleverPath Aion BPM | =r10.1 | |
| Unicenter Database Management Portal | =r11 | |
| Unicenter Management Portal | =r2.0 | |
| CleverPath Portal | =r4.51 | |
| Unicenter Management Portal | =r11.0 | |
| Unicenter Management Portal | =r3.1 | |
| Unicenter Asset And Portfolio Management | =r11 | |
| Unicenter Database Command Center | =r11.1 | |
| Unicenter Workload Control Center | =r1_sp4 | |
| Arcserve Brightstor | =11.1 | |
| eTrust Security Command Center | =r8 | |
| eTrust Security Command Center | =r1 | |
| CleverPath Portal | =r4.7 | |
| Broadcom Cleverpath Portal | <=4.71 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://supportconnectw.ca.com/public/ca_common_docs/cpportal_secnot.asp
- http://secunia.com/advisories/23426
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34876
- http://www.securityfocus.com/bid/21681
- http://www.osvdb.org/30854
- http://securitytracker.com/id?1017429
- http://www.vupen.com/english/advisories/2006/5091
- http://www.securityfocus.com/archive/1/455041/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/event
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- vendor/unicenter
- canonical/unicenter enterprise job manager
- version/unicenter enterprise job manager/r1_sp3
- vendor/cleverpath
- canonical/cleverpath aion bpm
- version/cleverpath aion bpm/r10.2
- version/cleverpath aion bpm/r10
- canonical/cleverpath portal
- version/cleverpath portal/r4.71
- version/cleverpath aion bpm/r10.1
- canonical/unicenter database management portal
- version/unicenter database management portal/r11
- canonical/unicenter management portal
- version/unicenter management portal/r2.0
- version/cleverpath portal/r4.51
- version/unicenter management portal/r11.0
- version/unicenter management portal/r3.1
- canonical/unicenter asset and portfolio management
- version/unicenter asset and portfolio management/r11
- canonical/unicenter database command center
- version/unicenter database command center/r11.1
- canonical/unicenter workload control center
- version/unicenter workload control center/r1_sp4
- vendor/arcserve
- canonical/arcserve brightstor
- version/arcserve brightstor/11.1
- vendor/etrust
- canonical/etrust security command center
- version/etrust security command center/r8
- version/etrust security command center/r1
- version/cleverpath portal/r4.7
- vendor/broadcom
- canonical/broadcom cleverpath portal
- version/broadcom cleverpath portal/4.71