CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data.
2021-12-02T19:15:08.547
2024-11-21T06:30:18.123
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | broadcom | ca_network_flow_analysis | < 21.2.2 | Yes |
| Operating System | microsoft | windows_server_2012 | r2 | No |
| Operating System | microsoft | windows_server_2016 | - | No |
| Operating System | microsoft | windows_server_2019 | - | No |