RE: CVE-2014-1219 - Unauthenticated Privilege Escalation in CA 2E- Web Option

From: Williams, James K <Ken.Williams@ca.com>
To: full-disclosure@lists.grok.org.uk <full-disclosure@lists.grok.org.uk>,vuln@secunia.com <vuln@secunia.com>,moderators@osvdb.org <moderators@osvdb.org>,bugtraq@securityfocus.com <bugtraq@securityfocus.com>
Cc:
Subject: RE: CVE-2014-1219 - Unauthenticated Privilege Escalation in CA 2E- Web Option
Date:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Date: Wed, 12 Feb 2014 15:59:34 -0000
> From: "Portcullis Advisories" <advisories@portcullis-security.com>
[snip]
> Vulnerability title: Unauthenticated Privilege Escalation in CA 
> 2E Web Option
>
> CVE: CVE-2014-1219
> Vendor: CA
> Product: 2E Web Option
> Affected version: 8.1.2
[snip]               


CA Technologies is currently investigating a vulnerability report 
concerning CA 2E Web Option that was published publicly on 2014-02-11 
(CVE-2014-1219).

This statement can be found at 
http://blogs.ca.com/securityresponse/2014/02/13/

Note that r8.1.2 reached End of Service (EOS) on April 10, 2013 and is 
no longer supported.  Customers can find the End of Service Announcement, 
dated April 10, 2012, on the CA Support website.
https://support.ca.com/

Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
Ken.Williams@ca.com


Copyright (C) 2014 CA. All Rights Reserved. One CA Plaza, Islandia, N.Y. 
11749. All other trademarks, trade names, service marks, and logos 
referenced herein belong to their respective companies.

-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.3.1 (Build 13100)
Charset: utf-8

wj8DBQFS/QaPeSWR3+KUGYURApj7AKCX/WOzON/8X9BgbQk4Siz/bDtGBQCeIO8S
VrgYM0oZD2rTLdIN0aje5to=
=AjzU
-----END PGP SIGNATURE-----





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.