CVE-2024-38499 | THREATINT

Description

CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands.

PUBLISHED Reserved 2024-06-18 | Published 2024-12-17 | Updated 2024-12-19 | Assigner symantec

HIGH: 7.3CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-269 Improper Privilege Management

Product status

Default status

unaffected

14.5 CU7

affected

Credits

Matthias Deeg (e-mail: matthias.deeg@syss.de, Twitter/X: @matthiasdeeg) finder

References

seclists.org/fulldisclosure/2024/Dec/16

support.broadcom.com/...l/content/SecurityAdvisories/0/25284

cve.org (CVE-2024-38499)

nvd.nist.gov (CVE-2024-38499)

Download JSON