CVE-2019-7394

HIGH

CA Technologies CA Strong Authentication <9.0 - Privilege Escalation

Title source: llm

Description

A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges.

References (5)

Scores

CVSS v3 8.8
EPSS 0.0217
EPSS Percentile 84.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-269
Status published

Affected Products (6)

ca/risk_authentication < 8.2.1
ca/risk_authentication
ca/risk_authentication
ca/strong_authentication < 8.2.1
ca/strong_authentication
ca/strong_authentication

Timeline

Published May 28, 2019
Tracked Since Feb 18, 2026