CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesnt allow a non-admin/non-root user to execute caf encrypt/sd_acmd encrypt commands.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.