Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2006-6641

Published: Dec 20, 2006 | Modified: Apr 09, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2006-6641
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.

Affected Software

NameVendorStart VersionEnd Version
BrightstorArcserve11.1 (including)11.1 (including)
Cleverpath_portalBroadcom*4.71 (including)
Aion_bpmCleverpathr10 (including)r10 (including)
Aion_bpmCleverpathr10.1 (including)r10.1 (including)
Aion_bpmCleverpathr10.2 (including)r10.2 (including)
PortalCleverpathr4.7 (including)r4.7 (including)
PortalCleverpathr4.51 (including)r4.51 (including)
PortalCleverpathr4.71 (including)r4.71 (including)
Security_command_centerEtrustr1 (including)r1 (including)
Security_command_centerEtrustr8 (including)r8 (including)
Asset_and_portfolio_managementUnicenterr11 (including)r11 (including)
Database_command_centerUnicenterr11.1 (including)r11.1 (including)
Database_management_portalUnicenterr11 (including)r11 (including)
Enterprise_job_managerUnicenterr1_sp3 (including)r1_sp3 (including)
Management_portalUnicenterr2.0 (including)r2.0 (including)
Management_portalUnicenterr3.1 (including)r3.1 (including)
Management_portalUnicenterr11.0 (including)r11.0 (including)
Workload_control_centerUnicenterr1_sp4 (including)r1_sp4 (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use