CVE-2016-6151

HIGH

CA eHealth 6.2.x - DoS/Command Injection

Title source: llm

Description

CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.

References (3)

[Patch, Permissions Required, Vendor Advisory] http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036433

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92107

Scores

CVSS v3 8.8

EPSS 0.0113

EPSS Percentile 78.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

Status draft

Affected Products (3)

ca/ehealth

ca/ehealth

ca/ehealth

Timeline

Published Jul 26, 2016

Tracked Since Feb 18, 2026