CVE-2017-9393

N/A

Description

CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.

CVE Details

CVSS v3.1 ScoreN/A

Published9/22/2017

Last Modified4/20/2025

Sourcenvd

Honeypot Sightings0

Affected Products

ca:identity_managerca:identity_manager_virtual_appliance

Weaknesses (CWE)

CWE-200

References

http://www.securityfocus.com/bid/100956(vuln@ca.com)

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.html(vuln@ca.com)

http://www.securityfocus.com/bid/100956(af854a3a-2127-422b-91ae-364da2661108)

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.