CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CA SiteMinder Federation FSS 12.5, 12.0, and r6; Federation Standalone 12.1 and 12.0; Agent for SharePoint 2010; and SiteMinder for Secure Proxy Server 6.0, 12.0, and 12.5 does not properly verify XML signatures for SAML statements, which allows remote attackers to spoof other users and gain...

7.5CVSS7.1AI score0.00585EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:42 a.m.•4 views

CVE-2011-4054

Cross-site scripting XSS vulnerability in login.fcc in CA SiteMinder R6 SP6 before CR7 and R12 SP3 before CR8 allows remote attackers to inject arbitrary web script or HTML via the postpreservationdata parameter...

4.3CVSS5.8AI score0.00894EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 8:1 p.m.•7 views

CVE-2009-2705

CA SiteMinder allows remote attackers to bypass cross-site scripting XSS protections for J2EE applications via a request containing non-canonical, "overlong Unicode" in place of blacklisted characters...

4.3CVSS6AI score0.01509EPSS

Exploits1References1

Tenable Nessus•added 2023/05/31 12:0 a.m.•11 views

CA SiteMinder WebAgent Cross-Site Scripting

CA SiteMinder is an unified access management platform which provides Single Sign-On features and identity federation for seamless access. CA SiteMinder WebAgent, one of this platform components, suffers from a Cross-Site Scripting XSS vulnerability through some fcc endpoints. By crafting a...

4.3CVSS6.2AI score0.01442EPSS

Exploits1References4

NVD•added 2013/10/29 3:42 a.m.•14 views

CVE-2013-5968

Cross-site scripting XSS vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " double quote character...

4.3CVSS5.6AI score0.00366EPSS

Exploits0References5

Prion•added 2013/10/29 3:42 a.m.•18 views

Cross site scripting

4.3CVSS6.1AI score0.00366EPSS

Exploits0References5Affected Software2

CVE•added 2013/10/29 1:0 a.m.•58 views

CVE-2013-5968

CVE-2013-5968 is a cross-site scripting (XSS) vulnerability affecting CA SiteMinder 12.0–12.51 and SiteMinder 6 Web Agents. The issue allows remote attackers to inject arbitrary script or HTML via vectors involving the double-quote character. The NVD entry lists a Medium severity (CVSSv2 base sco...

4.3CVSS5.7AI score0.00366EPSS

Exploits0References5Affected Software1

Cvelist•added 2013/10/29 1:0 a.m.•15 views

CVE-2013-5968

5.6AI score0.00366EPSS

Exploits0References5

securityvulns•added 2013/10/28 12:0 a.m.•54 views

CA SiteMinder crossite scripting

No description provided...

4.3CVSS1.8AI score0.00366EPSS

Exploits0References1Affected Software1

securityvulns•added 2013/03/24 12:0 a.m.•27 views

CA SiteMinder privilege escalation

Invalid SAML signature verification...

7.5CVSS3.5AI score0.00585EPSS

Exploits0References1Affected Software3

NVD•added 2013/03/21 5:55 p.m.•10 views

CVE-2013-2279

7.5CVSS6.8AI score0.00585EPSS

Exploits0References4

Prion•added 2013/03/21 5:55 p.m.•11 views

Code injection

7.5CVSS7.4AI score0.00585EPSS

Exploits0References4

Cvelist•added 2013/03/21 5:0 p.m.•15 views

CVE-2013-2279

6.8AI score0.00585EPSS

Exploits0References4

CVE•added 2013/03/21 5:0 p.m.•44 views

CVE-2013-2279

The CVE-2013-2279 issue affects CA SiteMinder Federation (FSS) 12.5/12.0 and r6, Federation Standalone 12.1/12.0, Agent for SharePoint 2010, and SiteMinder for Secure Proxy Server (6.0/12.0/12.5). Root cause: inadequate verification of XML signatures in SAML statements, enabling remote attackers ...

7.5CVSS7AI score0.00585EPSS

Exploits0References4Affected Software8

OpenVAS•added 2011/12/19 12:0 a.m.•257 views

CA SiteMinder 'target' Parameter Cross-Site Scripting Vulnerability

CA SiteMinder is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.6AI score0.00894EPSS

Exploits0References5

securityvulns•added 2011/12/11 12:0 a.m.•58 views

CA20111208-01: Security Notice for CA SiteMinder

CA20111208-01: Security Notice for CA SiteMinder Issued: December 08, 2011 CA Technologies Support is alerting customers to a potential risk in CA SiteMinder. A vulnerability exists that can allow a malicious user to execute a reflected cross site scripting XSS attack. CA Technologies has issued...

4.3CVSS0.4AI score0.00894EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by