The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230).
Attack Complexity
Low
AC
The attacker must take no measurable action to exploit the vulnerability. The attack requires no target-specific circumvention to exploit the vulnerability. An attacker can expect repeatable success against the vulnerable system.
Privileges Required
Low
PR
The attacker requires privileges that provide basic capabilities that are typically limited to settings and resources owned by a single low-privileged user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
Scope
S
An exploited vulnerability can affect resources beyond the security scope managed by the security authority that is managing the vulnerable component. This is often referred to as a 'privilege escalation,' where the attacker can use the exploited vulnerability to gain control of resources that were not intended or authorized.
Confidentiality
High
C
There is total information disclosure, resulting in all data on the system being revealed to the attacker, or there is a possibility of the attacker gaining control over confidential data.
Integrity
High
I
There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the attacker being able to modify any file on the target system.
Availability
High
A
There is a total shutdown of the affected resource. The attacker can deny access to the system or data, potentially causing significant loss to the organization.
Below is a copy: CA Performance Management Arbitrary Command Execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
CA20191015-01: Security Notice for CA Performance Management
Issued: October 15th, 2019
Last Updated: October 15th, 2019
CA Technologies, A Broadcom Company, is alerting customers to a
potential risk with CA Performance Management. A vulnerability exists
that can allow a remote attacker to execute arbitrary commands. CA
published solutions to address the vulnerabilities and recommends
that all affected customers implement these solutions.
The vulnerability, CVE-2019-13657, occurs due to default credentials
and a configuration weakness. A malicious actor may use the default
credentials and exploit a weakness in the configuration to execute
arbitrary commands on the Performance Center server.
Risk Rating
High
Platform(s)
All supported platforms
Affected Products
NetOps 19.1 and prior
Component Version(s) Affected:
CA Performance Management 3.7.x prior to 3.7.4
CA Performance Management 3.6.x prior to 3.6.9
CA Performance Management 3.5.x
How to determine if the installation is affected
Customers may use the product version to determine if their product
installation is affected.
Solution
CA Technologies published the following solutions to address the
vulnerabilities. Customers should also review Firewall and
Connectivity Considerations at
https://docops.ca.com/ca-performance-management/3-7/en
located under the Installing -> Review Installation Requirements and
Considerations section. As always we recommend that you follow good
password management for all passwords within the system.
CA Performance Management 3.7.x:
Update to Performance Management 3.7.4 or later.
Review the 3.7.x upgrade steps and MySQL password guidance located
at https://docops.ca.com/ca-performance-management/3-7/en under
the Upgrading -> Upgrade Performance Center section.
CA Performance Management 3.6.x:
Update to Performance Management 3.6.9 or later. Alternatively,
customers may update to 3.7.4 or later.
Review the 3.6.x upgrade steps and MySQL password guidance located
at https://docops.ca.com/ca-performance-management/3-6/en under
the Upgrading -> Upgrade Performance Center section.
CA Performance Management 3.5.x:
Update to Performance Management 3.7.4 or later.
Review the 3.7.x upgrade steps and MySQL password guidance located
at https://docops.ca.com/ca-performance-management/3-7/en under
the Upgrading -> Upgrade Performance Center section.
For explicit 3.5.x guidance on changing the password for MySQL,
review the steps located at
https://docops.ca.com/ca-performance-management/3-5/en under
the Upgrading -> Upgrade Performance Center section.
References
CVE-2019-13657 - Performance Management default credentials
Acknowledgement
CVE-2019-13657 - Hendrik Van Belleghem
Change History
Version 1.0: 2019-10-15 - Initial Release
CA customers may receive product alerts and advisories by subscribing
to Proactive Notifications on the support site.
Customers who require additional information about this notice may
contact CA Technologies Support at https://casupport.broadcom.com/
To report a suspected vulnerability in a CA Technologies product,
please send a summary to CA Technologies Product Vulnerability
Response at ca.psirt <AT> broadcom.com
Security Notices, PGP key, and disclosure policy and guidance
https://techdocs.broadcom.com/ca-psirt
Kevin Kotas
CA Product Security Incident Response Team
Copyright 2019 Broadcom. All Rights Reserved. The term "Broadcom"
refers to Broadcom Inc. and/or its subsidiaries. Broadcom, the pulse
logo, Connecting everything, CA Technologies and the CA technologies
logo are among the trademarks of Broadcom. All trademarks, trade
names, service marks and logos referenced herein belong to their
respective companies.
-----BEGIN PGP SIGNATURE-----
Charset: utf-8
wsBVAwUBXad/CLZ6yOO9o8STAQi/cwf/ckenS70yqt6n8L86aCsRl6x5kdN/ApMh
+VIYpv6zwQpVC29D92vYJT8YDGfNu105mk9u2vUok6lBhuOM5rH+thY4DQL9mybz
bu6dQfppkqTu+zcZF2aInBZskUSVOGMGYEyVq2y08NPG4vcbTrytWSc7bfgpleNP
+vDD528Cl5H61ftXV8V25Xg/Vy5ArSAqm4gHcChId84uHHU7jXNtPug8wDUdjJ4i
R9nGNBtmqJdJuPuj/FsTeCUt5U0R+3ghAo5Efaat5SzcNDd//hyBoLHFe43oJ42o
TAaUPBmkbq8xYnXc55cbWBUUdKk3gTK45jIuOAz7rDV8jDtf2CkHeg==
=6FMp
-----END PGP SIGNATURE-----
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum