QwikSec

Security Database

CVE

CWE

Training

CVE-2006-6641

Published: Dec 20, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

http://supportconnectw.ca.com/public/ca_common_docs/cpportal_secnot.asp

x_refsource_CONFIRM

20061221 [CAID 34876]: CA CleverPath Portal Session Inheritance Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_SECTRACK

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34876

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.