CVE-2019-13657
First published: Thu Oct 17 2019(Updated: )
CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.
Credit: vuln@ca.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Ca Performance Management | >=3.6.0<3.6.9 | |
| Broadcom Ca Performance Management | >=3.7.0<3.7.4 | |
| Broadcom Ca Performance Management | =3.5.0 | |
| Broadcom Network Operations | <=19.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitary-Command-Execution.html
- http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitrary-Command-Execution.html
- http://seclists.org/fulldisclosure/2019/Oct/37
- https://seclists.org/bugtraq/2019/Oct/26
- https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca-20191015-01-security-notice-for-ca-performance-management.html
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/broadcom
- canonical/broadcom ca performance management
- version/broadcom ca performance management/3.6.0
- version/broadcom ca performance management/3.7.0
- version/broadcom ca performance management/3.5.0
- canonical/broadcom network operations
- version/broadcom network operations/19.1