7.5
CVE-2006-6641
- EPSS 1.24%
- Published 20.12.2006 00:28:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.
Data is provided by the National Vulnerability Database (NVD)
Arcserve ≫ Brightstor Version11.1
Broadcom ≫ Cleverpath Portal Version <= 4.71
Cleverpath ≫ Aion Bpm Versionr10
Cleverpath ≫ Aion Bpm Versionr10.1
Cleverpath ≫ Aion Bpm Versionr10.2
Cleverpath ≫ Portal Versionr4.7
Cleverpath ≫ Portal Versionr4.51
Cleverpath ≫ Portal Versionr4.71
Etrust ≫ Security Command Center Versionr1
Etrust ≫ Security Command Center Versionr8
Unicenter ≫ Asset And Portfolio Management Versionr11
Unicenter ≫ Database Command Center Versionr11.1
Unicenter ≫ Database Management Portal Versionr11
Unicenter ≫ Enterprise Job Manager Versionr1_sp3
Unicenter ≫ Management Portal Versionr2.0
Unicenter ≫ Management Portal Versionr3.1
Unicenter ≫ Management Portal Versionr11.0
Unicenter ≫ Workload Control Center Versionr1_sp4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.24% | 0.783 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|