CVE-2022-3602 & CVE-2022-3786 - CA Client Automation
Article ID: 253239
Updated On:
Products
CA Client Automation
CA Client Automation - Asset Intelligence
CA Client Automation - Asset Management
CA Client Automation - Desktop Migration Manager
CA Client Automation - IT Client Manager
CA Client Automation - Patch Manager
CA Client Automation - Remote Control
CA Client Automation - Software Delivery
Issue/Introduction
CVE-2022-3602 & CVE-2022-3786 was published in the National Vulnerability Database on November 1st, 2022. More information can be found here
CVE: CVE-2022-3602 - High
Base CVSS 3.1 Score: 8.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
CVE: CVE-2022-3786 - High
Base CVSS 3.1 Score: 7.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
The vulnerability is caused with the use of OpenSSL versions 3.0 and above.
Is the CA Client Automation solution vulnerable?
Environment
CA Client Automation
All Supported Operating Systems
Resolution
CA Client Automation does NOT use a vulnerable version of OpenSSL and therefore is NOT impacted by this vulnerability.
Feedback
Yes
No
Powered by
