Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 3, 2024
CVE-2021-28249
CVE-2021-28249
Description
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CA/eHealth Performance Managerdescription
- Range: <=6.3.2.12
Patches
Vulnerability mechanics
References
1- n4nj0.github.io/advisories/ca-ehealth-performance-manager/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.