CVE-2021-44050
MEDIUMCA Network Flow Analysis < 21.2.2 - Authenticated SQL Injection
Title source: llmDescription
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://support.broadcom.com/external/content/security-advisories/CA20211201-01-Security-Notice-for-CA-Network-Flow-Analysis/19689
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/Dec/0
Scores
CVSS v3
6.5
EPSS
0.0036
EPSS Percentile
57.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-89
Status
published
Products (1)
broadcom/ca_network_flow_analysis
< 21.2.2
Published
Dec 02, 2021
Tracked Since
Feb 18, 2026