73 matches found

Prion
added 2020/04/15 8:15 p.m. | 16 views

Improper access control

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data...

CVSS 5.5 | AI score 7.8 | EPSS 0.01887
Exploits 0 | References 4 | Affected Software 1

Prion
added 2020/04/15 8:15 p.m. | 14 views

Open redirect

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks...

CVSS 5.8 | AI score 6.2 | EPSS 0.01325
Exploits 0 | References 4 | Affected Software 1

CVE
added 2020/04/15 7:8 p.m. | 58 views

CVE-2020-11663

The CVE-2020-11663 entry affects CA API Developer Portal versions up to 4.3.1. The root cause is insecure handling of 404 responses, which can enable open redirect attacks. Exploitation details or affected environments are not provided in the connected documents; no patch/version remediations are...

CVSS 6.1 | AI score 6.2 | EPSS 0.01325
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2020/04/15 7:8 p.m. | 29 views

CVE-2020-11663

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks...

AI score 6.3 | EPSS 0.01325
Exploits 0 | References 4

CVE
added 2020/04/15 7:8 p.m. | 53 views

CVE-2020-11662

CVE-2020-11662 affects Broadcom CA API Developer Portal (4.3.1 and earlier). The root cause is insecure handling of Cross-Origin Resource Sharing (CORS), enabling remote attackers to access sensitive information via the portal. Exploitation details or explicit mitigations are not provided in the ...

CVSS 7.5 | AI score 7.5 | EPSS 0.03203
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2020/04/15 7:8 p.m. | 16 views

CVE-2020-11662

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information...

AI score 7.5 | EPSS 0.03203
Exploits 0 | References 4

Cvelist
added 2020/04/15 7:8 p.m. | 17 views

CVE-2020-11661

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data...

AI score 8 | EPSS 0.01887
Exploits 0 | References 4

Cvelist
added 2020/04/15 7:3 p.m. | 18 views

CVE-2020-11666

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges...

AI score 8.7 | EPSS 0.03022
Exploits 0 | References 4

CVE
added 2020/04/15 7:3 p.m. | 52 views

CVE-2020-11666

CVE-2020-11666 affects the Broadcom/CA API Developer Portal up to version 4.3.1. The connected sources confirm an access control flaw that lets an attacker escalate privileges via a specially crafted request, i.e., a remote privilege-escalation vulnerability. The vulnerability is tied to imprope...

CVSS 8.8 | AI score 8.6 | EPSS 0.03022
Exploits 0 | References 4 | Affected Software 1

CVE
added 2020/04/15 7:3 p.m. | 48 views

CVE-2020-11665

The CVE-2020-11665 entry concerns CA API Developer Portal, version 4.3.1 and earlier, where the loginRedirect page redirects are handled insecurely, enabling open redirect attacks. Affected product/component: Broadcom CA API Developer Portal (loginRedirect flow). Root cause: insecure handling of ...

CVSS 6.1 | AI score 6.2 | EPSS 0.01569
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2020/04/15 7:2 p.m. | 17 views

CVE-2020-11664

CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks...

AI score 6.3 | EPSS 0.01353
Exploits 0 | References 4

CVE
added 2020/04/15 7:2 p.m. | 55 views

CVE-2020-11664

CVE-2020-11664 affects Broadcom CA API Developer Portal (versions 4.3.1 and earlier). The issue is an insecure handling of the homeRedirect page that enables open redirect attacks due to an input validation error. Multiple connected sources confirm the vulnerability and affected product scope; ex...

CVSS 6.1 | AI score 6.2 | EPSS 0.01353
Exploits 0 | References 4 | Affected Software 1

OSV
added 2018/08/03 2:29 p.m. | 3 views

CVE-2018-6590

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability...

CVSS 6.1 | AI score 5.7 | EPSS 0.00747
Exploits 0 | References 2

NVD
added 2018/08/03 2:29 p.m. | 10 views

CVE-2018-6590

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability...

CVSS 6.1 | AI score 6.1 | EPSS 0.00747
Exploits 0 | References 2

Prion
added 2018/08/03 2:29 p.m. | 10 views

Cross site scripting

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability...

CVSS 4.3 | AI score 6 | EPSS 0.00747
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2018/08/03 2:0 p.m. | 14 views

CVE-2018-6590

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability...

AI score 6.1 | EPSS 0.00747
Exploits 0 | References 2

CVE
added 2018/08/03 2:0 p.m. | 46 views

CVE-2018-6590

CA API Developer Portal 4.x (before 4.2.5.3 and before 4.2.7.1) has a reflected cross-site scripting vulnerability. Root cause described as failure to filter HTML in user input; could allow remote attacker to execute arbitrary script in the user’s browser. Remediation: upgrade to 4.2.5.3+ or 4.2....

CVSS 6.1 | AI score 6 | EPSS 0.00747
Exploits 0 | References 2 | Affected Software 1

OSV
added 2018/03/29 1:29 p.m. | 3 views

CVE-2018-6586

CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing...

CVSS 6.1 | AI score 5.7 | EPSS 0.00915
Exploits 0 | References 2

Prion
added 2018/03/29 1:29 p.m. | 12 views

Cross site scripting

CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer...

CVSS 4.3 | AI score 6 | EPSS 0.00915
Exploits 0 | References 2 | Affected Software 1

Prion
added 2018/03/29 1:29 p.m. | 12 views

Cross site scripting

CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing...

CVSS 4.3 | AI score 5.9 | EPSS 0.00915
Exploits 0 | References 2 | Affected Software 1