CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
89.0%
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code.
[
{
"product": "Client Automation",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "14.0"
}
]
},
{
"product": "Workload Automation AE",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "11.3.5"
},
{
"status": "affected",
"version": "11.3.6"
}
]
}
]
packetstormsecurity.com/files/154418/CA-Common-Services-Distributed-Intelligence-Architecture-DIA-Code-Execution.html
seclists.org/fulldisclosure/2019/Sep/15
casupport.broadcom.com/us/product-content/recommended-reading/security-notices/CA20190904-01--security-notice-for-ca-common-services-distributed-intelligence-architecture-dia.html
seclists.org/bugtraq/2019/Sep/14
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
89.0%