8 matches found
CVE-2014-8471
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors...
CVE-2014-8474
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via an XML document containing an external entity declaration in conjunction with an entity reference...
CVE-2014-8473
Cross-site request forgery CSRF vulnerability in CA Cloud Service Management CSM before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in CA Cloud Service Management CSM before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-8474
CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade is affected by CVE-2014-8474, an XML External Entity (XXE) vulnerability. An attacker could exploit an XML document containing an external entity declaration and an entity reference to read arbitrary files, launch requests to intr...
CVE-2014-8473
Cross-site request forgery CSRF vulnerability in CA Cloud Service Management CSM before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2014-8472
CVE-2014-8472 affects CA Cloud Service Management prior to the Summer 2014 upgrade, where authentication tokens from an Identity Provider were not properly verified. This allowed a user-assisted remote attacker to bypass access restrictions via unspecified vectors. The issue was addressed in the ...
CVE-2014-8471
CA Cloud Service Management CSM before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors...