Cloud Service Management Security Vulnerabilities and Issues — Cloud Service Management CVE List

CaCloud Service Management

4 matches found

CVE•added 2014/11/04 8:0 p.m.•44 views

CVE-2014-8474

CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade is affected by CVE-2014-8474, an XML External Entity (XXE) vulnerability. An attacker could exploit an XML document containing an external entity declaration and an entity reference to read arbitrary files, launch requests to intr...

7.5CVSS7.1AI score0.00831EPSS

CVE•added 2014/11/04 8:0 p.m.•37 views

CVE-2014-8472

CVE-2014-8472 affects CA Cloud Service Management prior to the Summer 2014 upgrade, where authentication tokens from an Identity Provider were not properly verified. This allowed a user-assisted remote attacker to bypass access restrictions via unspecified vectors. The issue was addressed in the ...

6.8CVSS7.1AI score0.0033EPSS

CVE•added 2014/11/04 8:0 p.m.•34 views

CVE-2014-8473

CVE-2014-8473 describes a cross-site request forgery vulnerability in CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade. The flaw could allow remote attackers to hijack user sessions via unspecified vectors. The Security Notice (CA Technologies) states this issue was fixed in the...

6.8CVSS7.3AI score0.00182EPSS

CVE•added 2014/11/04 8:0 p.m.•31 views

CVE-2014-8471

CVE-2014-8471 affects CA Cloud Service Management (CSM) prior to the Summer 2014 upgrade, where replay attacks were possible via unspecified vectors. The Security Notice confirms four related vulnerabilities and states they were fixed in the Cloud Service Management Summer 2014 Upgrade, addressin...

4.3CVSS6.9AI score0.00377EPSS