2 matches found
Code injection
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names...
CVE-2018-14597
The CVE-2018-14597 entry involves CA Technologies Identity Governance components: Identity Governance versions 12.6, 14.0, 14.1, and 14.2, and CA Identity Suite Virtual Appliance versions 14.0–14.2. The issue stems from verbose error messages that may allow remote attackers to enumerate account n...