Show filters
10 Total Results
Displaying 1-10 of 10
Sort by:
Attacker Value
Unknown

CVE-2020-11658

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11659

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11660

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11666

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11663

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-11665

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-11664

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-11662

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-11661

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-6590

Disclosure Date: August 03, 2018 (last updated November 27, 2024)
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0