CVE-2022-22689

Summary

CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands.

Affected Software

VendorProductVersion RangeStatus
n/aCA Harvest Software Change Manager13.0.3, 13.0.4, 14.0.0, 14.0.1affected

Weaknesses

  • CWE-1236: CWE-1236: Improper Neutralization of Formula Elements in a CSV File

ADP Enrichment

CVE Program Container

Additional References

References