This Metasploit module enumerates databases on CouchDB using the REST API (without authentication by default).
2942d69e8cd376e67d7cb3531714d06e9b22d6dd3d9fe3f3f432e8930a09dad3
CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Performance Management. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the Performance Center server. CA Performance Management versions 3.7.x prior to 3.7.4, 3.6.x prior to 3.6.9, and 3.5.x are affected.
ae8d8b44256d64ee5630fb610497bd1bcc5284b37b70d83e537a7ef5dc4ec846
CA Technologies, a Broadcom Company, is alerting customers to a potential risk with CA Network Flow Analysis. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA published a solution to address the vulnerabilities and recommends that all affected customers implement this solution. The vulnerability occurs due to default credentials and a configuration weakness. A malicious actor may use the default credentials and exploit a weakness in the configuration to execute arbitrary commands on the CA Network Flow Analysis server. Versions 9.x and 10.0.x are affected.
a8f4e8e65f778532ff67e151bdf00b3bd45c373dffe3db0912ad2976fbfa9ec9