Showing 1 - 1 of 1

CVE-2017-8391

Status Candidate

Overview

The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.

Related Files

CA Client Automation OS Installation Management Insecure Storage: Posted May 7, 2017; Authored by Kevin Kotas | Site www3.ca.com; A vulnerability exists due to insecure storage of account credentials used by OS Installation Management during operating system installation. A local attacker can potentially access a sensitive file containing account credentials and decrypt a password. Depending on the privileges associated with the credentials, an attacker can potentially gain further access. This vulnerability only affects operating system installations created by CA Client Automation with OS Installation Management. Versions affected include CA Client Automation r14.0, r14.0 SP1 and CA Client Automation r12.9.; tags | advisory, local; advisories | CVE-2017-8391; SHA-256 | 379b013c4b3c51375804f709509f608366ef08dc24ca477e7fb8e4d863cfd0cd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 323 files
Ubuntu 71 files
Debian 21 files
LiquidWorm 12 files
Gentoo 8 files
Apple 6 files
Google Security Research 4 files
Spencer McIntyre 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2017-8391

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems