CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-13657

CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 6.5

References

http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitary-Command-Execution.html
http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitrary-Command-Execution.html
http://seclists.org/fulldisclosure/2019/Oct/37
https://seclists.org/bugtraq/2019/Oct/26
https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca-20191015-01-security-notice-for-ca-performance-management.html
http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitary-Command-Execution.html
http://packetstormsecurity.com/files/154904/CA-Performance-Management-Arbitrary-Command-Execution.html
http://seclists.org/fulldisclosure/2019/Oct/37
https://seclists.org/bugtraq/2019/Oct/26
https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca-20191015-01-security-notice-for-ca-performance-management.html

Products affected by CVE-2019-13657

Broadcom » Ca Performance Management » Version: 3.5.0

cpe:2.3:a:broadcom:ca_performance_management:3.5.0
Broadcom » Ca Performance Management » Version: 3.6.0

cpe:2.3:a:broadcom:ca_performance_management:3.6.0
Broadcom » Ca Performance Management » Version: 3.7.0

cpe:2.3:a:broadcom:ca_performance_management:3.7.0
Broadcom » Network Operations » Version: N/A

cpe:2.3:a:broadcom:network_operations:-
Broadcom » Network Operations » Version: 19.1

cpe:2.3:a:broadcom:network_operations:19.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-13657

Products

Pricing

Contact Us