Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2014/07/16 12:0 a.m.8 views

CA ERwin Web Portal ConfigServiceProvider Remote File Creation (CVE-2014-2210)

A remote file creation/overwrite vulnerability exists in CA ERwin Web Portal. This vulnerability is due to lack of authentication and insufficient input validation in the ConfigServiceProvider servlet when processing HTTP requests. By sending crafted HTTP requests to the target system, a remote...

2.2AI score0.05289EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/06/02 12:0 a.m.4 views

CA ERwin Web Portal ConfigServiceProvider Information Disclosure (CVE-2014-2210)

An information disclosure vulnerability exists in CA ERwin Web Portal. Upon executing a successful attack, the server will give access to XML files which normally should not be accessible to external users. This vulnerability is due to lack of authentication and insufficient input validation in t...

6.3AI score0.05289EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/04/29 12:0 a.m.33 views

CA ERwin Web Portal 9.5 Multiple Directory Traversals

CA ERwin Web Portal version 9.5 with a build date before March 20, 2014 was detected on the remote host. This version contains multiple directory traversal vulnerabilities that an attacker could use to access sensitive information, or possibly execute arbitrary code. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS6.1AI score0.05289EPSS
Exploits1References4
seebug.org
seebug.org
added 2014/04/10 12:0 a.m.27 views

CA Erwin Web Portal目录遍历漏洞

Bugtraq ID:66644 CVE ID:CVE-2014-2210 CA ERwin Web Portal是基于网络的新界面CA ERwin网络门户。 CA ERwin Web Portal存在多个目录遍历漏洞,允许远程攻击者利用漏洞提交请求以WEB权限查看系统文件内容。 0 CA ERwin Web Portal 9.5 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=7F968A14-7407-4BCF-9EB1-EFE9F0E6D663...

7.5CVSS6.5AI score0.05289EPSS
Exploits1
securityvulns
securityvulns
added 2014/04/07 12:0 a.m.69 views

CA20140403-01: Security Notice for CA Erwin Web Portal

-----BEGIN PGP SIGNED MESSAGE----- CA20140403-01: Security Notice for CA Erwin Web Portal Issued: April 03, 2014 CA Technologies Support is alerting customers to multiple vulnerabilities with CA Erwin Web Portal. The vulnerabilities, CVE-2014-2210, occur due to insufficient path verification. A...

7.5CVSS1.1AI score0.05289EPSS
Exploits1
CVE
CVE
added 2014/04/04 3:0 p.m.62 views

CVE-2014-2210

CA ERwin Web Portal 9.5 (build date before 2014-03-20) contains multiple directory traversal vulnerabilities due to lack of authentication and insufficient input validation in components such as FileAccessServiceProvider, ProfileIconServlet, and ConfigServiceProvider (MIMM) across HTTP requests. ...

7.5CVSS8.3AI score0.05289EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder