CVE ID : CVE-2024-38499
Published : Dec. 17, 2024, 6:15 a.m. | 23 minutes ago
Description : CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Full story here:
Published : Dec. 17, 2024, 6:15 a.m. | 23 minutes ago
Description : CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Full story here:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
