Broadcom

Ca Api Developer Portal

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2020-11658

  • EPSS 0.24%
  • Published 15.04.2020 21:15:34
  • Last modified 21.11.2024 04:58:20

CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.

4.3

CVE-2020-11659

  • EPSS 0.2%
  • Published 15.04.2020 21:15:34
  • Last modified 21.11.2024 04:58:20

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.

6.5

CVE-2020-11660

  • EPSS 0.36%
  • Published 15.04.2020 21:15:34
  • Last modified 21.11.2024 04:58:20

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.

6.1

CVE-2020-11665

  • EPSS 0.26%
  • Published 15.04.2020 20:15:15
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

8.8

CVE-2020-11666

  • EPSS 0.6%
  • Published 15.04.2020 20:15:15
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.

8.1

CVE-2020-11661

  • EPSS 0.34%
  • Published 15.04.2020 20:15:14
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.

7.5

CVE-2020-11662

  • EPSS 0.75%
  • Published 15.04.2020 20:15:14
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.

6.1

CVE-2020-11663

  • EPSS 0.26%
  • Published 15.04.2020 20:15:14
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.

6.1

CVE-2020-11664

  • EPSS 0.26%
  • Published 15.04.2020 20:15:14
  • Last modified 21.11.2024 04:58:21

CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

6.1

CVE-2018-6590

  • EPSS 0.27%
  • Published 03.08.2018 14:29:00
  • Last modified 21.11.2024 04:10:57

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.