Vulnerabilities > Persistent Systems > Radia Client Automation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-16 | CVE-2015-1498 | Permissions, Privileges, and Access Controls vulnerability in Persistent Systems Radia Client Automation Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact. | 10.0 |
| 2015-02-16 | CVE-2015-1497 | Code Injection vulnerability in Persistent Systems Radia Client Automation radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. | 10.0 |