SQL injection in CA Workload Automation

#VU11457 SQL injection in CA Workload Automation

Cybersecurity Help s.r.o.

Published: 2018-03-30 | Updated: 2018-04-02

Vulnerability identifier: #VU11457

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-8953

CWE-ID: CWE-89

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
CA Workload Automation
Client/Desktop applications / Office applications

Vendor: CA Technologies

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary SQL commands in web application database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can send a specially crafted HTTP request to vulnerable script and execute arbitrary SQL commands in web application database.

Successful exploitation of the vulnerability may allow an attacker to gain administrative access to vulnerable web application.

Mitigation
Update to version 11.3.6 SP7.

Vulnerable software versions

CA Workload Automation: 11.3.5 - 11.3.6 SP6

External links
http://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--securi...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in OpenShift Logging 5.8

Multiple vulnerabilities in CA Workload Automation AE and CA Workload Control Center