CVE-2019-7394

Summary

A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges.

Affected Software

VendorProductVersion RangeStatus
CA Technologies, A Broadcom CompanyCA Strong Authentication9.0.xaffected
CA Technologies, A Broadcom CompanyCA Strong Authentication8.2.xaffected
CA Technologies, A Broadcom CompanyCA Strong Authentication8.1.xaffected
CA Technologies, A Broadcom CompanyCA Strong Authentication8.0.xaffected
CA Technologies, A Broadcom CompanyCA Strong Authentication7.1.xaffected
CA Technologies, A Broadcom CompanyCA Risk Authentication9.0.xaffected
CA Technologies, A Broadcom CompanyCA Risk Authentication8.2.xaffected
CA Technologies, A Broadcom CompanyCA Risk Authentication8.1.xaffected
CA Technologies, A Broadcom CompanyCA Risk Authentication8.0.xaffected
CA Technologies, A Broadcom CompanyCA Risk Authentication3.1.xaffected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References