CA ControlMinder JMX Console Authentication Bypass
Release Date: 2013-02-14
Last Update: 2013-04-30
Criticality level : Less critical
Impact : Security Bypass
Where : From local network
Solution Status: Vendor Patch
Software: CA ControlMinder 12.x
CA ControlMinder for Virtual Environments 2.x
CA has acknowledged a security issue in CA ControlMinder, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is reported in the following versions.
* CA ControlMinder for Windows versions 12.5, 12.6, and 12.6 SP1.
* CA ControlMinder for Linux versions 12.5, 12.6, and 12.6 SP1.
* CA ControlMinder SAM versions 12.5, 12.6, and 12.6 SP1.
* CA ControlMinder Upgrade version 12.6.
* CA ControlMinder for Virtual Environments version 2.0.
Apply update (please see the vendor's advisory for details).