Critical severity9.8NVD Advisory· Published Sep 22, 2017· Updated May 13, 2026
CVE-2017-9393
CVE-2017-9393
Description
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.
Affected products
14cpe:2.3:a:ca:identity_manager:12.6:ga:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ca:identity_manager:12.6:ga:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp1:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp2:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp3:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp4:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp5:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp6:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp7:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:12.6:sp8:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:14.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager:14.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:identity_manager_virtual_appliance:14.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ca:identity_manager_virtual_appliance:14.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:identity_manager_virtual_appliance:14.1:*:*:*:*:*:*:*
- CA Technologies/Identity Managerv5Range: 12.6 through 12.6 SP8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/100956nvdThird Party AdvisoryVDB Entry
- support.ca.com/us/product-content/recommended-reading/security-notices/ca20170921-01--security-notice-for-ca-identity-manager.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.