Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Filtered by product Privileged Access Manager
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-7392 1 Broadcom 1 Privileged Access Manager 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
CVE-2018-9029 1 Broadcom 1 Privileged Access Manager 2024-11-21 7.5 HIGH 9.8 CRITICAL
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
CVE-2018-9028 1 Broadcom 1 Privileged Access Manager 2024-11-21 5.0 MEDIUM 7.5 HIGH
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
CVE-2018-9026 1 Broadcom 1 Privileged Access Manager 2024-11-21 5.0 MEDIUM 7.5 HIGH
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
CVE-2018-9025 1 Broadcom 1 Privileged Access Manager 2024-11-21 5.0 MEDIUM 7.5 HIGH
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
CVE-2018-9024 1 Broadcom 1 Privileged Access Manager 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
CVE-2018-9023 1 Broadcom 1 Privileged Access Manager 2024-11-21 9.0 HIGH 8.8 HIGH
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
CVE-2018-9022 1 Broadcom 1 Privileged Access Manager 2024-11-21 7.5 HIGH 9.8 CRITICAL
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
CVE-2018-9021 1 Broadcom 1 Privileged Access Manager 2024-11-21 7.5 HIGH 9.8 CRITICAL
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
CVE-2015-4664 2 Broadcom, Xceedium 2 Privileged Access Manager, Xsuite 2024-11-21 7.5 HIGH 9.8 CRITICAL
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.