CVE 2018-9023

An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.

See the CVE page on Mitre.org for more details.