CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
cloud_service_management | le | 2014 |