CVE-2016-6152

HIGH

CA eHealth <6.3.2.13 - DoS/Command Injection

Title source: llm

Description

CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.

References (3)

[Patch, Permissions Required, Vendor Advisory] http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1036433

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92107

Scores

CVSS v3 8.8

EPSS 0.0101

EPSS Percentile 76.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

Status draft

Affected Products (18)

broadcom/ehealth

... and 3 more

Timeline

Published Jul 26, 2016

Tracked Since Feb 18, 2026