10 matches found
CVE-2020-11658
CVE-2020-11658 affects the Broadcom/CA API Developer Portal (versions 4.3.1 and earlier). The root cause is insecure handling of shared secret keys, which can let an attacker bypass authorization. The issue is classified with high to critical impact (CVSS scores: CVSS v3.1 base 9.8, HIGH confiden...
CVE-2020-11661
CVE-2020-11661 affects Broadcom/CA API Developer Portal 4.3.1 and earlier. The available sources describe an access control flaw that enables privileged users to view and edit user data, constituting an improper access restriction vulnerability. The description is consistently echoed across multi...
CVE-2020-11663
The CVE-2020-11663 entry affects CA API Developer Portal versions up to 4.3.1. The root cause is insecure handling of 404 responses, which can enable open redirect attacks. Exploitation details or affected environments are not provided in the connected documents; no patch/version remediations are...
CVE-2020-11660
Technical details about CVE-2020-11660 are not publicly available in the provided documents beyond the general description of an access control flaw. Monitor for updates from vendors and security advisories to obtain specifics about affected versions, impact, and remediation.
CVE-2020-11659
CVE-2020-11659 affects CA API Developer Portal (Broadcom) 4.3.1 and earlier. The connected sources consistently describe an access-control flaw that lets privileged users perform a restricted user administration action, indicating a privilege-escalation risk affecting the portal’s admin functiona...
CVE-2020-11664
CVE-2020-11664 affects Broadcom CA API Developer Portal (versions 4.3.1 and earlier). The issue is insecure handling of the homeRedirect page that enables open redirect attacks due to an input validation error. Multiple connected sources confirm the vulnerability and affected product scope; ex...
CVE-2020-11662
CVE-2020-11662 affects Broadcom CA API Developer Portal (4.3.1 and earlier). The root cause is insecure handling of Cross-Origin Resource Sharing (CORS), enabling remote attackers to access sensitive information via the portal. Exploitation details or explicit mitigations are not provided in the ...
CVE-2020-11666
CVE-2020-11666 affects the Broadcom/CA API Developer Portal up to version 4.3.1. The connected sources confirm an access control flaw that lets an attacker escalate privileges via a specially crafted request, i.e., a remote privilege-escalation vulnerability. The vulnerability is tied to imprope...
CVE-2020-11665
The CVE-2020-11665 entry concerns CA API Developer Portal, version 4.3.1 and earlier, where the loginRedirect page redirects are handled insecurely, enabling open redirect attacks. Affected product/component: Broadcom CA API Developer Portal (loginRedirect flow). Root cause: insecure handling of ...
CVE-2018-6590
CA API Developer Portal 4.x (before 4.2.5.3 and before 4.2.7.1) has a reflected cross-site scripting vulnerability. The root cause is described as a failure to filter HTML in user input, which could allow a remote attacker to execute arbitrary script in the user’s browser. Remediation: upgrade to 4.2.5.3+ or 4.2....