CVE Vulnerabilities

CVE-2006-6641

Published: Dec 20, 2006 | Modified: Apr 07, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.

Affected Software

Name Vendor Start Version End Version
Brightstor Arcserve 11.1 (including) 11.1 (including)
Cleverpath_portal Broadcom * 4.71 (including)
Aion_bpm Cleverpath r10 (including) r10 (including)
Aion_bpm Cleverpath r10.1 (including) r10.1 (including)
Aion_bpm Cleverpath r10.2 (including) r10.2 (including)
Portal Cleverpath r4.7 (including) r4.7 (including)
Portal Cleverpath r4.51 (including) r4.51 (including)
Portal Cleverpath r4.71 (including) r4.71 (including)
Security_command_center Etrust r1 (including) r1 (including)
Security_command_center Etrust r8 (including) r8 (including)
Asset_and_portfolio_management Unicenter r11 (including) r11 (including)
Database_command_center Unicenter r11.1 (including) r11.1 (including)
Database_management_portal Unicenter r11 (including) r11 (including)
Enterprise_job_manager Unicenter r1_sp3 (including) r1_sp3 (including)
Management_portal Unicenter r2.0 (including) r2.0 (including)
Management_portal Unicenter r3.1 (including) r3.1 (including)
Management_portal Unicenter r11.0 (including) r11.0 (including)
Workload_control_center Unicenter r1_sp4 (including) r1_sp4 (including)

References