CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
References
Configurations
History
21 Nov 2024, 02:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20141103-01-security-notice-for-ca-cloud-service-management.aspx - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/70923 - | |
References | () http://www.securitytracker.com/id/1031214 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/98535 - |
Information
Published : 2014-11-04 20:55
Updated : 2024-11-21 02:19
NVD link : CVE-2014-8472
Mitre link : CVE-2014-8472
CVE.ORG link : CVE-2014-8472
JSON object : View
Products Affected
ca
- cloud_service_management
CWE
CWE-287
Improper Authentication