{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"CA eTrust Admin 8.1 SP2 (8.1.2) ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA eTrust Admin 8.1 (8.1.0).","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CA eTrust Admin 8.1 SP1 (8.1.1) ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le composant GINA (Graphical\nIdentification and Authentification) du logiciel eTrust permet \u00e0 une\npersonne malveillante authentifi\u00e9e localement ou \u00e0 distance (via la\nconnexion au bureau \u00e0 distance) d'\u00e9lever ses privil\u00e8ges en utilisant\nl'interface de r\u00e9initialisation de mots de passe.\n\n## Solution\n\nLa version 8.1 SP2 CR6 de CA eTrust Admin corrige le probl\u00e8me. Se\nr\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-1345","url":"https://www.cve.org/CVERecord?id=CVE-2007-1345"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Computer Associates 35145 du 08 mars    2007 :","url":"http://www.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35145"}],"reference":"CERTA-2007-AVI-115","revisions":[{"description":"version initiale.","revision_date":"2007-03-09T00:00:00.000000"}],"risks":[{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans un composant de Computer Associates\neTrust Admin permet d'\u00e9lever ses privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 de Computer Associates eTrust Admin","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Computer Associates 35145 du 08 mars 2007","url":null}]}