8.1

CVE-2016-10086

RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CaService Desk Management Version14.1
   IbmAix
   LinuxLinux Kernel
   MicrosoftWindows
   OracleSolaris
CaService Desk Manager Version12.9
   IbmAix
   LinuxLinux Kernel
   MicrosoftWindows
   OracleSolaris
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.72% 0.716
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.8 5.2
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov 5.5 8 4.9
AV:N/AC:L/Au:S/C:P/I:P/A:N
http://www.securityfocus.com/bid/95366
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037583
Third Party Advisory
VDB Entry