Ca Automic Automation
CVE-2022-33756
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data.
AnalysisAI
CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-331. CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic AutomationEngine that could allow a remote attacker to potentially access sensitive data. Affected products include: Broadcom Ca Automic Automation.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Ca Automic Automation
View allCA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that cou
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that cou
CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic agent that could allow
CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in the Automic agent th
CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic agent that could al
CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic Agent that could all
Same weakness CWE-331 – Insufficient Entropy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today