RSS   Vulnerabilities for 'Ehealth performance manager'   RSS

2021-03-26
 
CVE-2021-28250

CWE-269
 

 
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

 
 
CVE-2021-28249

CWE-269
 

 
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

 
 
CVE-2021-28247

CWE-79
 

 
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and perform a Reflected Cross-Site Scripting attack against the platform users. The affected endpoints are: cgi/nhWeb with the parameter report, aviewbin/filtermibobjects.pl with the parameter namefilter, and aviewbin/query.pl with the parameters System, SystemText, Group, and GroupText. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

 
2010-02-24
 
CVE-2010-0640

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request.

 

 >>> Vendor: CA 195 Products
Controlit
Arcserve backup
Inoculan
Inoculateit
Etrust intrusion detection
Etrust access control
Siteminder
Inoculateit agent for exchange
Ccc harvest
Arcserve backup 2000
Gateway security
Mlink
Unicenter remote control host
Unicenter remote control
Unicenter remote control option
Identityminder
Brightstor arcserve backup
Etrust antivirus
Etrust antivirus gateway
Etrust ez antivirus
Etrust ez armor
Etrust secure content manager
Unicenter tng
Etrust antivirus ee
Common services
Unicenter network and systems management
Unicenter serviceplus service desk
Unicenter web services distributed management
License software
Unicenter asset management
Internet security suite
Brightstor arcserve backup agent
Brightstor enterprise backup
Brightstor enterprise backup agent
Etrust ez armor le
Vet antivirus
Etrust siteminder
Brightstor arcserve backup hp
Advantage data transport
Adviseit
Brightstor portal
Brightstor san manager
Cleverpath ecm
Cleverpath olap
Cleverpath predictive analysis server
Etrust admin
Message queuing
Unicenter application performance monitor
Unicenter data transport option
Unicenter enterprise job manager
Unicenter jasmine
Unicenter management
Unicenter nsm
Unicenter performance management
Unicenter service level management
Unicenter software delivery
Cleverpath aion
Messaging
Unicenter management portal
Unicenter nsm wireless network management option
Igateway
Etrust antivirus iris engine
Brightstor arcserve backup laptops desktops
Brightstor process automation manager
Brightstor storage resource manager
Etrust audit aries
Etrust audit irecorder
Etrust directory
Etrust identity minder
Etrust integrated threat management
Itechnology igateway
Unicenter application server managment
Unicenter asset portfolio management
Unicenter autosys jm
Unicenter ca web services distributed management
Unicenter exchange management console
Unicenter service catalog fulfillment accounting
Unicenter service delivery
Unicenter service desk
Unicenter service desk knowledge tools
Unicenter service fulfillment
Unicenter service metric analysis
Unicenter web server management
Cleverpath portal
Brightstor mobile backup
Business protection suite
Desktop protection suite
Server protection suite
Directory
Resource initialization manager
Etrust pestpatrol
Integrated threat management
Etrust antivirus webscan
Identity manager
Etrust security command center
Etrust audit client
Etrust audit datatools
Etrust audit policy manager
Protection suites
Anti-virus
See all Products for Vendor CA


Copyright 2024, cxsecurity.com

 

Back to Top