CA Technologies is alerting customers to a vulnerability in CA Harvest Software Change Manager. A vulnerability exists that can allow a privileged user to perform CSV injection attacks and potentially execute arbitrary code or commands. Note that this vulnerability is specific to the Harvest Workbench and Eclipse Plugin interfaces. CA published solutions to address this vulnerability and recommends that all affected customers implement these solutions. The vulnerability occurs due to insufficient input validation. A privileged user can potentially execute arbitrary code or commands. Versions affected include 13.0.3, 13.0.4, 14.0.0, and 14.0.1.
a4714b8adbe4fb471da29bb68b71fdc00d58ffcb406ca48c29511036eec88952
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed