Description
CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.
References (3)
Core 3
Core References
Patch, Permissions Required, Vendor Advisory x_refsource_confirm
http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036433
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92107
Scores
CVSS v3
8.8
EPSS
0.0101
EPSS Percentile
77.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (18)
broadcom/ehealth
6.3
broadcom/ehealth
6.3.1
broadcom/ehealth
6.3.2
broadcom/ehealth
6.3.2.01
broadcom/ehealth
6.3.2.02
broadcom/ehealth
6.3.2.03
broadcom/ehealth
6.3.2.04
broadcom/ehealth
6.3.2.05
broadcom/ehealth
6.3.2.06
broadcom/ehealth
6.3.2.07
... and 8 more
Published
Jul 26, 2016
Tracked Since
Feb 18, 2026