4 matches found
CVE-2018-19634
CVE-2018-19634 affects CA Service Desk Manager versions 14.1 and 17. A vulnerability could allow a malicious actor to access survey information. Public sources list impact and attribution, with NVD noting network access and no authentication required (CVSSv3.1: 7.5, HIGH; Confidentiality impact H...
CVE-2016-9148
CA Service Desk Manager (versions 12.9 and 14.1) contains a cross-site scripting (XSS) vulnerability that allows an attacker to inject arbitrary script or HTML via the QBE.EQ.REF_NUM parameter. The issue is described in CVE-2016-9148 and is tracked in multiple feeds; CVSS metrics indicate a NETWO...
CVE-2016-10086
CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 contain a RESTful services vulnerability (CVE-2016-10086) where remote authenticated users could read or modify task information due to incorrect permissions on RESTful requests. The affected components are REST endpoints handling t...
CVE-2018-19635
CA Service Desk Manager versions 14.1 and 17 contain a privilege-escalation vulnerability in the user interface (CVE-2018-19635). The connected sources confirm the affected product and impact but do not provide exploit vectors, affected components beyond the UI, root cause specifics, or a publish...