15 matches found
CA 2E Web Option 8.1.2 - Authentication Bypass
No description provided by source. Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially others, is...
CVE-2014-4189
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Multiple Vulnerabilities in Hitachi Tuning Manager and JP1/Performance Management - Manager Web Option
Overview: Hitachi Tuning Manager and JP1/Performance Management - Manager Web Option contain cross-site scripting and cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities cannot be exploited without logging in to these products. Impact: A remote attacker could insert to malicious...
CA 2E Web Option session spoofing
Predictable session token...
CA20140218-01: Security Notice for CA 2E Web Option
CA20140218-01: Security Notice for CA 2E Web Option. Issued: February 18, 2014. CA Technologies Support is alerting customers to a potential risk in CA 2E Web Option (C2WEB). A vulnerability exists that can allow an attacker to exploit an authentication weakness and execute a session prediction attac...
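CA 2E Web Option 8.1.2 Authentication Bypass Vulnerability
CVE (CAN) ID: CVE-2014-1219 CA 2E Web Option is a web interface development tool for CA 2E applications. CA 2E Web Option r8.1.2 generates session tokens in a predictable way, an implementation flaw that allows remote attackers to bypass the authentication mechanism. CA 2E Web Option 8.1.2 The vendor has not yet provided a patch or upgrade; users of this software are advised to watch the vendor's homepage for the latest version: http://www.ca.com/us//media/files/productbriefs/cs3003-ca-2e-web-option.aspx Vulnerability title:...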
CVE-2014-1219
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2ESSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to...
Code injection
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2ESSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to...
CVE-2014-1219
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2ESSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to...
CVE-2014-1219
CA 2E Web Option (r8.1.2) is affected by CVE-2014-1219 due to a predictable session token, W2E_SSNID, enabling unauthenticated privilege escalation by manipulating the end digits to hijack or terminate sessions. Affected product/version: CA 2E Web Option r8.1.2 (and potentially others). Root caus...
CA 2E Web Option 8.1.2 - Authentication Bypass
CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially...
CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability
Exploit for multiple platform in category web applications Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege escalation via a predictable session token. The POST parameter session token W2ESSNID appears as follows:...
CA 2E Web Option 8.1.2 - Authentication Bypass
Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially others, is vulnerable to unauthenticated privilege...
CA 2E Web Option 8.1.2 Privilege Escalation / Denial Of Service
Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web...
Multiple vulnerabilities in Hitachi Tuning Manager and JP1/Performance Management
Overview: Hitachi Tuning Manager, JP1/Performance Management - Web Console, and JP1/Performance Management - Manager Web Option contain cross-site scripting and cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities cannot be exploited without logging in to these products. Impact: A...