Vulnerabilities in ca technologies

32 results

CVE-2018-19634—CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.EPSS 1.3%CVE-2018-13822—Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to accEPSS 1.3%CVE-2018-19635—CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.EPSS 1.2%CVE-2018-9024—An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.EPSS 1.1%CVE-2018-6588—CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer.EPSS 0.9%CVE-2018-6586—CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processinEPSS 0.9%CVE-2018-6587—CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.EPSS 0.9%CVE-2018-9028—Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.EPSS 0.9%CVE-2018-13825—Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 aEPSS 0.9%CVE-2018-9027—A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with EPSS 0.9%CVE-2018-6590—CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.EPSS 0.7%CVE-2017-9394—A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute EPSS 0.6%

← previouspage 2 / 2next →