2 matches found
CVE-2011-1655
CA Total Defense Suite UNCWS getDBConfigSettings vulnerability (CVE-2011-1655) affects UNC Server before SE2; management.asmx responds to SOAP requests and transmits database credentials in plaintext, enabling unauthenticated remote access to credentials and potential arbitrary code execution. Im...
CVE-2011-1653
CA Total Defense UNCWS SQL Injection vulnerabilities (CVE-2011-1653) affect the Unified Network Control (UNC) Server in CA Total Defense Suite R12 pre-SE2. The issues arise from insufficient validation of request parameters in several UNCWS stored procedures (including DeleteReports and related f...