18 matches found
EUVD-2014-8308
Malware in sbrugna...
EUVD-2014-8309
Malware in sbrugna...
EUVD-2014-8310
Malware in sbrugna...
CA Cloud Service Management multiple security vulnerabilities
Replay-атаки, XSS, XXE, token validation vulnerability...
CVE-2014-8472
CA Cloud Service Management CSM before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors...
CVE-2014-8471
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors...
CVE-2014-8474
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity reference...
CVE-2014-8473
Cross-site request forgery CSRF vulnerability in CA Cloud Service Management CSM before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Xxe
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity reference...
Authentication flaw
CA Cloud Service Management CSM before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in CA Cloud Service Management CSM before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-8471
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors...
CVE-2014-8472
CA Cloud Service Management CSM before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors...
CVE-2014-8472
CVE-2014-8472 affects CA Cloud Service Management prior to the Summer 2014 upgrade, where authentication tokens from an Identity Provider were not properly verified. This allowed a user-assisted remote attacker to bypass access restrictions via unspecified vectors. The issue was addressed in the ...
CVE-2014-8474
CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade is affected by CVE-2014-8474, an XML External Entity (XXE) vulnerability. An attacker could exploit an XML document containing an external entity declaration and an entity reference to read arbitrary files, launch requests to intr...
CVE-2014-8471
CVE-2014-8471 affects CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade, where replay attacks were possible via unspecified vectors. The Security Notice confirms four related vulnerabilities and states they were fixed in the Cloud Service Management Summer 2014 Upgrade, addressin...
CVE-2014-8473
CVE-2014-8473 describes a cross-site request forgery vulnerability in CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade. The flaw could allow remote attackers to hijack user sessions via unspecified vectors. The Security Notice (CA Technologies) states this issue was fixed in the...
Windows Azure Pack: Tenant Public API
Windows Azure Pack: Tenant Public API...