Title: [CAID 35277]: CA CleverPath Portal SQL Injection Vulnerability CA Vuln ID (CAID): 35277 CA Advisory Date: 2007-04-24 Reported By: Hacktics Ltd Impact: Local attacker can access confidential data. Summary: CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability. Mitigating Factors: 1. Lite Search is required for this scenario. 2. Data can not be modified using this technique. 3. Attacker must have a valid username and password. Severity: CA has given this vulnerability a Low risk rating. Affected Products: BrightStor Portal 11.1 CleverPath Aion 10, 10.1, 10.2 CleverPath Portal 4.51, 4.7, 4.71 eTrust Security Command Center (eTrust SCC) 1, 8 Unicenter Argis Portfolio Asset Management 11 Unicenter Database Management Portal 11, 11.1 Unicenter Enterprise Job Manager (UEJM) 3, 11 Unicenter Management Portal (UMP) 2, 3.1, 11 Affected Platforms: All supported platforms Status and Recommendation: Customers using vulnerable versions of CleverPath Portal should apply the patch, which is available for download from http://supportconnect.ca.com. CleverPath Portal solution - QO87601 How to determine if the installation is affected: To determine if you are using the Lite Search feature, log in to the Portal Administration area. On the Global Properties page, you can view the current Search Engine configuration. Workaround: None available References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for this vulnerability: CleverPath Portal Security Notice http://supportconnectw.ca.com/public/cp/portal/infodocs/portal-secnot.asp Solution Document Reference APARs: QO87601 CA Security Advisor posting: CA CleverPath Portal SQL Injection Vulnerability http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=136879 CAID: 35277 CAID Advisory link: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35277 Reported By: Hacktics Ltd Hacktics advisory: Security Advisory: CA CleverPath SQL Injection http://www.hacktics.com/AdvCleverPathApr07.html CVE Reference: CVE-2007-2230 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2230 OSVDB Reference: OSVDB-34128 http://osvdb.org/34128 Changelog for this advisory: v1.0 - Initial Release Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com. For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com. If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research CA, 1 CA Plaza, Islandia, NY 11749 Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
