CVE-2011-1653

Multiple SQL injection vulnerabilities in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 allow remote attackers to execute arbitrary SQL commands via vectors involving the 1 UnAssignFunctionalRoles, 2 UnassignAdminRoles, 3 DeleteFilter, 4 NonAssignedUserList, 5...

CVE-2011-1655

The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...

CVE-2011-1655

The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...

Code injection

The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...

CVE-2011-1655

CA Total Defense Suite UNCWS getDBConfigSettings vulnerability (CVE-2011-1655) affects UNC Server before SE2; management.asmx responds to SOAP requests and transmits database credentials in plaintext, enabling unauthenticated remote access to credentials and potential arbitrary code execution. Im...