{"containers":{"cna":{"affected":[{"product":"CA Strong Authentication","vendor":"CA Technologies, A Broadcom Company","versions":[{"status":"affected","version":"9.0.x"},{"status":"affected","version":"8.2.x"},{"status":"affected","version":"8.1.x"},{"status":"affected","version":"8.0.x"},{"status":"affected","version":"7.1.x"}]},{"product":"CA Risk Authentication","vendor":"CA Technologies, A Broadcom Company","versions":[{"status":"affected","version":"9.0.x"},{"status":"affected","version":"8.2.x"},{"status":"affected","version":"8.1.x"},{"status":"affected","version":"8.0.x"},{"status":"affected","version":"3.1.x"}]}],"datePublic":"2019-05-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1021","description":"CWE-1021: Improper Restriction of Rendered UI Layers or Frames","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2019-05-30T03:06:01.000Z","orgId":"e291eae9-7c0a-46ac-ba7d-5251811f8b7f","shortName":"ca"},"references":[{"name":"20190527 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2019/May/66"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privilege-Escalation.html"},{"name":"108483","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/108483"},{"tags":["x_refsource_CONFIRM"],"url":"https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190523-01--security-notice-for-ca-risk-authentication-and-ca-strong-authentication.html"},{"name":"20190529 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://seclists.org/fulldisclosure/2019/May/43"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.0.6"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"vuln@ca.com","DATE_PUBLIC":"2019-05-23T04:00:00.000Z","ID":"CVE-2019-7393","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"CA Strong Authentication","version":{"version_data":[{"version_affected":"=","version_name":"9","version_value":"9.0.x"},{"version_affected":"=","version_name":"8","version_value":"8.2.x"},{"version_affected":"=","version_name":"8","version_value":"8.1.x"},{"version_affected":"=","version_name":"8","version_value":"8.0.x"},{"version_name":"7","version_value":"7.1.x"}]}},{"product_name":"CA Risk Authentication","version":{"version_data":[{"version_affected":"=","version_name":"9","version_value":"9.0.x"},{"version_affected":"=","version_name":"8","version_value":"8.2.x"},{"version_affected":"=","version_name":"8","version_value":"8.1.x"},{"version_affected":"=","version_name":"8","version_value":"8.0.x"},{"version_name":"3","version_value":"3.1.x"}]}}]},"vendor_name":"CA Technologies, A Broadcom Company"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases."}]},"generator":{"engine":"Vulnogram 0.0.6"},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-1021: Improper Restriction of Rendered UI Layers or Frames"}]}]},"references":{"reference_data":[{"name":"20190527 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2019/May/66"},{"name":"http://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privilege-Escalation.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privilege-Escalation.html"},{"name":"108483","refsource":"BID","url":"http://www.securityfocus.com/bid/108483"},{"name":"https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190523-01--security-notice-for-ca-risk-authentication-and-ca-strong-authentication.html","refsource":"CONFIRM","url":"https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190523-01--security-notice-for-ca-risk-authentication-and-ca-strong-authentication.html"},{"name":"20190529 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","refsource":"FULLDISC","url":"http://seclists.org/fulldisclosure/2019/May/43"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T20:46:46.208Z"},"title":"CVE Program Container","references":[{"name":"20190527 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2019/May/66"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/153089/CA-Risk-Strong-Authentication-Privilege-Escalation.html"},{"name":"108483","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/108483"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190523-01--security-notice-for-ca-risk-authentication-and-ca-strong-authentication.html"},{"name":"20190529 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2019/May/43"}]}]},"cveMetadata":{"assignerOrgId":"e291eae9-7c0a-46ac-ba7d-5251811f8b7f","assignerShortName":"ca","cveId":"CVE-2019-7393","datePublished":"2019-05-28T18:28:30.990Z","dateReserved":"2019-02-04T00:00:00.000Z","dateUpdated":"2024-09-16T19:19:28.204Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}