Ca Automic Automation
CVE-2022-33750
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands.
AnalysisAI
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary commands. Affected products include: Broadcom Ca Automic Automation.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Ca Automic Automation
View allCA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that cou
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that cou
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent th
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could al
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could all
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today