CA Client Automation 14.x Privilege Escalation

2019.12.27
Credit: Kevin Kotas
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-264


CVSS Base Score: 4.6/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CA20191218-01: Security Notice for CA Client Automation Agent for Windows Issued: December 18, 2019 Last Updated: December 18, 2019 CA Technologies, A Broadcom Company, is alerting customers to a potential risk with CA Client Automation agent on Windows. A vulnerability exists that can allow a local attacker to gain escalated privileges. CA published solutions to address the vulnerability and recommends that all affected customers implement the applicable solution. The vulnerability, CVE-2019-19231, occurs due to insecure file access by the agent services. A local attacker may exploit this vulnerability to execute arbitrary commands with escalated privileges on an installation of the Client Automation agent. Risk Rating High Platform(s) Windows Affected Products CA Client Automation 14.0, 14.1, 14.2, 14.3 Windows agent Affected Component CA Client Automation Agent for Windows How to determine if the installation is affected Only the CA Client Automation agent on Windows is vulnerable. Customers may check the .his file for the presence of the fix. Solution CA Technologies published the following solutions to address the vulnerabilities. Agents for CA Client Automation R14, R14 SP1 (14.0, 14.1): Update to CA Client Automation R14 SP2 or SP3 and apply the appropriate fix for R14 SP2 or SP3. Agents for CA Client Automation R14 SP2 (14.2): SO11134 Agents for CA Client Automation R14 SP3 (14.3): SO11210 References CVE-2019-19231 - CA Client Automation Agent privilege escalation Acknowledgement CVE-2019-19231 - Andrew Hess Change History Version 1.0: 2019-12-18 - Initial Release CA customers may receive product alerts and advisories by subscribing to Proactive Notifications on the support site. Customers who require additional information about this notice may contact CA Technologies Support at https://casupport.broadcom.com/ To report a suspected vulnerability in a CA Technologies product, please send a summary to CA Technologies Product Vulnerability Response at ca.psirt <AT> broadcom.com Security Notices, PGP key, and disclosure policy and guidance https://techdocs.broadcom.com/ca-psirt Kevin Kotas CA Product Security Incident Response Team Copyright 2019 Broadcom. All Rights Reserved. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries. Broadcom, the pulse logo, Connecting everything, CA Technologies and the CA technologies logo are among the trademarks of Broadcom. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. -----BEGIN PGP SIGNATURE----- Charset: utf-8 wsBVAwUBXf0b9LZ6yOO9o8STAQiRngf6A4NlGriQt6XvSPTmUSsNWYYrUGfWo2i4 gVQC0wyp8rmzwTh+Wq6/DCW7YoTqMSEefpRfTDONwGztBDvIm7Ag79IHYXNHn7Oh kT4M8YnlfyOmCcntNLgAlZLlaZlaQceVKkKQdLFMANpuRvVK4XDF13ad9UKxsTJh zKFJ0hFgv9OliSR7MFepz+SMxd+OCPIHhz46JfMee7C5hN4Gw4uM+gIs/PwPdFM4 sZmlADI+mUiyqu+Dv/h62O8nJ12voe6SK5AD+GO8qpl8YQT1oujEa6MCa56Rdei2 4m1EEQyoedw+3bjd67c+DTwBJJAcSPhibKvfAwyppXth9vMqMMZOIw== =HhfF -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top