2017-10-16 12:31:07 -04:00
{
2019-03-18 03:32:36 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org" ,
"ID" : "CVE-2014-8246" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-18 03:32:36 +00:00
"lang" : "eng" ,
"value" : "Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
2017-10-16 12:31:07 -04:00
}
2019-03-18 03:32:36 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141215-01-security-notice-for-ca-lisa-release-automation.aspx" ,
"refsource" : "CONFIRM" ,
"url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141215-01-security-notice-for-ca-lisa-release-automation.aspx"
} ,
{
"name" : "20141216 CA20141215-01: Security Notice for CA LISA Release Automation" ,
"refsource" : "FULLDISC" ,
"url" : "http://seclists.org/fulldisclosure/2014/Dec/55"
} ,
{
"name" : "VU#343060" ,
"refsource" : "CERT-VN" ,
"url" : "http://www.kb.cert.org/vuls/id/343060"
} ,
{
"name" : "20141215 CA20141215-01: Security Notice for CA LISA Release Automation" ,
"refsource" : "BUGTRAQ" ,
"url" : "http://www.securityfocus.com/archive/1/534246/100/0/threaded"
} ,
{
"name" : "1031375" ,
"refsource" : "SECTRACK" ,
"url" : "http://securitytracker.com/id?1031375"
}
]
}
}
