An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/155631/CA-Nolio-6.6-Arbitrary-Code-Execution.html | Third Party Advisory |
http://seclists.org/fulldisclosure/2019/Dec/16 | Third Party Advisory |
https://seclists.org/bugtraq/2019/Dec/16 | Third Party Advisory |
https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca20191209-01-security-notice-for-ca-nolio-release-automation.html?r=2 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ca
Published: 2019-12-09T00:00:00
Updated: 2019-12-11T01:06:02
Reserved: 2019-11-22T00:00:00
Link: CVE-2019-19230
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-09T21:15:11.053
Modified: 2019-12-12T21:53:01.147
Link: CVE-2019-19230
JSON object: View
Redhat Information
No data.
CWE