Posted by Williams, Ken on Dec 16
CA20141215-01: Security Notice for CA LISA Release Automation
Issued: December 15, 2014
CA Technologies Support is alerting customers to multiple
vulnerabilities in CA Release Automation (formerly CA LISA Release
Automation, change effective 2014-09-19).
The first vulnerability, CVE-2014-8246, is a cross-site request forgery
(CSRF) issue related to insufficient validation. A remote attacker can
potentially execute privileged actions on a…