Vulnerability Details : CVE-2019-19544
CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015.
Published
2020-01-08 17:15:11
Updated
2020-01-12 22:01:32
Products affected by CVE-2019-19544
- cpe:2.3:a:broadcom:ca_automic_dollar_universe:5.3.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-19544
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-19544
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2019-19544
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-19544
-
https://github.com/itm4n/CVEs/tree/master/ca-dollaru-uxdqmsrv-privesc
CVEs/ca-dollaru-uxdqmsrv-privesc at master · itm4n/CVEs · GitHubExploit;Third Party Advisory
Jump to