Computer Associates Control IT contains a flaw that may lead to an unauthorized password exposure. Control IT address book function allows users to save usernames and passwords with weak encryption in a file. It is possible for a local attacker to read and decrypt the file and gain access to passwords, which may lead to a loss of confidentiality and integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Computer Associates has released a patch to address this vulnerability.