Technical Advisory – Authenticated SQL Injection in SOAP Request in Broadcom CA Network Flow Analysis (CVE-2021-44050)

Vendor: Broadcom Vendor URL: https://www.broadcom.com/ Systems Affected: CA Network Flow Analysis Versions affected: 9.3.8, 9.5, 10.0, 10.0.2, 10.0.3, 10.0.4, 10.0.5, 10.0.6, 10.0.7, 21.2.1 (Note: older, unsupported versions may be affected) Author: Anthony Ferrillo <anthony.ferrillo[at]nccgroup[dot]com> CVE Identifier: CVE-2021-44050 Advisory URL: https://support.broadcom.com/external/content/security-advisories/CA20211201-01-Security-Notice-for-CA-Network-Flow-Analysis/19689 Risk: Medium - 6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) (Authenticated SQL Injection) Summary The Network Flow Analysis software (formerly … Continue reading Technical Advisory – Authenticated SQL Injection in SOAP Request in Broadcom CA Network Flow Analysis (CVE-2021-44050)