<<< Date Index >>>     <<< Thread Index >>>

[CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability



Title: [CAID 35277]: CA CleverPath Portal SQL Injection 
Vulnerability

CA Vuln ID (CAID): 35277

CA Advisory Date: 2007-04-24

Reported By: Hacktics Ltd

Impact: Local attacker can access confidential data.

Summary: CA CleverPath Portal contains a vulnerability that can 
allow a local attacker to access confidential data. The 
vulnerability is due to insufficient filtering of SQL search 
queries. CA has issued a patch to address the vulnerability.

Mitigating Factors:
1. Lite Search is required for this scenario. 
2. Data can not be modified using this technique.
3. Attacker must have a valid username and password.

Severity: CA has given this vulnerability a Low risk rating.

Affected Products:
BrightStor Portal 11.1
CleverPath Aion 10, 10.1, 10.2
CleverPath Portal 4.51, 4.7, 4.71
eTrust Security Command Center (eTrust SCC)  1, 8
Unicenter Argis Portfolio Asset Management 11
Unicenter Database Management Portal 11, 11.1
Unicenter Enterprise Job Manager (UEJM) 3, 11
Unicenter Management Portal (UMP) 2, 3.1, 11

Affected Platforms:
All supported platforms

Status and Recommendation:
Customers using vulnerable versions of CleverPath Portal should 
apply the patch, which is available for download from 
http://supportconnect.ca.com.
CleverPath Portal solution - QO87601

How to determine if the installation is affected:
To determine if you are using the Lite Search feature, log in to 
the Portal Administration area. On the Global Properties page, you 
can view the current Search Engine configuration.

Workaround:
None available

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
CleverPath Portal Security Notice
http://supportconnectw.ca.com/public/cp/portal/infodocs/portal-secnot.asp
Solution Document Reference APARs:
QO87601
CA Security Advisor posting:
CA CleverPath Portal SQL Injection Vulnerability
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=136879
CAID: 35277
CAID Advisory link:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35277
Reported By: Hacktics Ltd
Hacktics advisory:
Security Advisory: CA CleverPath SQL Injection
http://www.hacktics.com/AdvCleverPathApr07.html
CVE Reference: CVE-2007-2230
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2230
OSVDB Reference: OSVDB-34128
http://osvdb.org/34128

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please
send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability"
form. 
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749
        
Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.