CVE-2011-1718

The Web Agents component in CA SiteMinder R6 before SP6 CR2 and R12 before SP3 CR2 does not properly handle multi-line headers, which allows remote authenticated users to conduct impersonation attacks and gain privileges via crafted data.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:broadcom:siteminder:12.0:sp3:cr01:*:*:*:*:*
cpe:2.3:a:ca:siteminder:6:sp5_cr35:*:*:*:*:*:*

History

07 Nov 2023, 02:07

Type Values Removed Values Added
References
  • {'url': 'https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={1BF29B14-C5FB-4BD3-9113-68E2426E4381}', 'name': 'https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={1BF29B14-C5FB-4BD3-9113-68E2426E4381}', 'tags': ['Broken Link'], 'refsource': 'CONFIRM'}
  • () https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B1BF29B14-C5FB-4BD3-9113-68E2426E4381%7D -

Information

Published : 2011-04-27 01:25

Updated : 2024-02-28 11:41


NVD link : CVE-2011-1718

Mitre link : CVE-2011-1718

CVE.ORG link : CVE-2011-1718


JSON object : View

Products Affected

ca

  • siteminder

broadcom

  • siteminder
CWE
CWE-20

Improper Input Validation