Medium severity5.5NVD Advisory· Published May 6, 2017· Updated May 13, 2026

CVE-2017-8391

Description

The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.

Affected products

Ca/Client Automation3 versions
cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*
- cpe:2.3:a:ca:client_automation:r14.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:client_automation:r14.0:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/98344nvdThird Party AdvisoryVDB Entry
www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.htmlnvdVendor Advisory
www.securitytracker.com/id/1038410nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000