Total: 10 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2019-7392 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL | An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. |
CVE-2018-9029 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks. |
CVE-2018-9028 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH | Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. |
CVE-2018-9026 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH | A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. |
CVE-2018-9025 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH | An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. |
CVE-2018-9024 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. |
CVE-2018-9023 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 9.0 HIGH | 8.8 HIGH | An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script. |
CVE-2018-9022 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file. |
CVE-2018-9021 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests. |
CVE-2015-4664 | 2 Broadcom, Xceedium | 2 Privileged Access Manager, Xsuite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. |