Improper access control

2020-04-1521:15:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.6%

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.

CPENameOperatorVersion
ca_api_developer_portalle4.3.1

CPE	Name	Operator	Version
	ca_api_developer_portal	le	4.3.1

References

packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html

seclists.org/fulldisclosure/2020/Apr/24

techdocs.broadcom.com/us/product-content/status/announcement-documents/2020/CA20200414-01-Securit-Notice-for-CA-API-Developer-Portal.html