CVE-2019-19231 — Windows Hard Link in Technologies Broadcom Company CA Client Automation

CWE-65 — Windows Hard Link3 documents3 sources

Severity

7.8HIGHNVD

CNA7.3

EPSS

0.2%

top 61.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

CA Technologies Broadcom Company CA Client Automation Broadcom CA Client Automation

Timeline

PublishedDec 20

Latest updateMay 24

Description

An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶NVDbroadcom/ca_client_automation4 versions+3

▶CVEListV5ca_technologies_broadcom_company/ca_client_automation4 versions+3

🔴Vulnerability Details

GHSA

GHSA-2wr3-273m-9rpj: An insecure file access vulnerability exists in CA Client Automation 14↗2022-05-24

▶

CVEList

CVE-2019-19231: An insecure file access vulnerability exists in CA Client Automation 14↗2019-12-20

▶