CVE-2018-19635 - CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to esca

CVE-2018-19635

Summary

CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.

References

Vulnerable Configurations

cpe:2.3:a:broadcom:service_desk_manager:17.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:service_desk_manager:17.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:service_desk_manager:14.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:service_desk_manager:14.1:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	106689
confirm	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20190117-01-security-notice-for-ca-service-desk-manager.html

Last major update

09-04-2021 - 18:53

Published

22-01-2019 - 15:29

Last modified

09-04-2021 - 18:53