Vulnerabilities in ca technologies

32 results

CVE-2015-4664—An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary EPSS 20.8%CVE-2018-9022—An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code oEPSS 20.4%CVE-2018-9021—An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commanEPSS 19.4%CVE-2018-15691—Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentiallyEPSS 16.8%CVE-2018-8954—CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request.EPSS 7.3%CVE-2019-13656CRITICALAn access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows aEPSS 5.8%CVE-2018-8953—CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.EPSS 2.8%CVE-2018-13821—A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attEPSS 2.7%CVE-2018-9023—An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing speEPSS 1.9%CVE-2018-13823—An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and beEPSS 1.9%CVE-2018-13826—An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and beEPSS 1.8%CVE-2018-9029—An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.EPSS 1.8%CVE-2018-13824—Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows rEPSS 1.8%CVE-2018-6589—CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecifEPSS 1.7%CVE-2017-9393—CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through EPSS 1.7%CVE-2018-9025—An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted inpEPSS 1.4%CVE-2018-13819—A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.EPSS 1.4%CVE-2018-13820—A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.EPSS 1.4%CVE-2018-14597—CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling EPSS 1.3%CVE-2018-9026—A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafteEPSS 1.3%

← previouspage 1 / 2next →