43 matches found
EUVD-2018-6504
Malware in sbrugna...
EUVD-2019-16936
Malware in sbrugna...
EUVD-2019-16935
Malware in sbrugna...
CVE-2019-13656
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code...
Code injection
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code...
CVE-2019-13656
CVE-2019-13656 affects CA Technologies Client Automation components: CA Common Services DIA in CA Technologies Client Automation 14 and Workload Automation AE 11.3.5/11.3.6. Multiple sources (NVD/Red Hat/CNVD) describe an access control error that enables a remote attacker to execute arbitrary co...
CVE-2019-7393
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases...
CVE-2019-7394
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where a...
Privilege escalation
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where a...
Authentication flaw
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases...
CVE-2019-7393
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases...
CVE-2019-7393
The CVE-2019-7393 entry describes a UI redress vulnerability in the administrative user interfaces of CA Technologies CA Strong Authentication (versions 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x) and CA Risk Authentication (versions 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x). The underlying issue is a UI redress...
CVE-2019-7394
Technical details about CVE-2019-7394 are not publicly provided in the supplied documents. Monitor for updates from NVD/CA notices for affected versions, vulnerable components, and fixes.
CVE-2019-7394
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where a...
CVE-2018-14597
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names...
Code injection
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names...
CVE-2018-14597
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names...
CVE-2018-14597
The CVE-2018-14597 entry involves CA Technologies Identity Governance components: Identity Governance versions 12.6, 14.0, 14.1, and 14.2, and CA Identity Suite Virtual Appliance versions 14.0–14.2. The issue stems from verbose error messages that may allow remote attackers to enumerate account n...
A few words about Gartner’s “Magic Quadrant for Application Security Testing” 2018
February and March are the hot months for marketing reports. I already wrote about IDC and Forrester reports about Vulnerability Management-related markets. And this Monday, March 19, Gartner released new "Magic Quadrant for Application Security Testing". You can buy it on the official website fo...
Identity Governance 12.6 Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Security Notice for CA Identity Governance CA Technologies support is alerting customers to a potential risk with CA Identity Governance. A vulnerability exists that can potentially allow a malicious actor to conduct cross-site scripting...