Total Defense Security Vulnerabilities and Issues — Total Defense CVE List

BroadcomTotal Defense

4 matches found

CVE•added 2011/04/15 7:0 p.m.•131 views

CVE-2011-1655

CA Total Defense Suite UNCWS getDBConfigSettings vulnerability (CVE-2011-1655) affects UNC Server before SE2; management.asmx responds to SOAP requests and transmits database credentials in plaintext, enabling unauthenticated remote access to credentials and potential arbitrary code execution. Im...

7.5CVSS7.3AI score0.11975EPSS

CVE•added 2011/07/28 10:0 p.m.•52 views

CVE-2011-2667

CA Gateway Security (and CA Total Defense r12) is affected by CVE-2011-2667 due to a flawed URL parsing loop in the Icihttp.exe module, which can overflow heap memory on HTTP requests received on port 8080. This memory corruption can enable remote attackers to execute arbitrary code or trigger a ...

10CVSS8.1AI score0.16205EPSS

CVE•added 2011/04/15 7:0 p.m.•48 views

CVE-2011-1653

CA Total Defense UNCWS SQL Injection vulnerabilities (CVE-2011-1653) affect the Unified Network Control (UNC) Server in CA Total Defense Suite R12 pre-SE2. The issues arise from insufficient validation of request parameters in several UNCWS stored procedures (including DeleteReports and related f...

10CVSS8.1AI score0.88655EPSS

CVE•added 2011/04/15 7:0 p.m.•44 views

CVE-2011-1654

CVE-2011-1654 affects CA Total Defense Suite (r12) prior to SE2, via the Heartbeat Web Service (CA.Itm.Server.ManagementWS.dll) in the Management Server . An unauthenticated remote attacker can craft an upload to FileUploadHandler.ashx with malicious GUID parameter, enabling arbitrary code execut...

7.5CVSS7.9AI score0.11423EPSS