Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
20 vulnerabilities found for privileged_access_manager by broadcom
CVE-2019-7392 (GCVE-0-2019-7392)
Vulnerability from cvelistv5 – Published: 2019-02-26 18:00 – Updated: 2024-08-04 20:46
VLAI
Summary
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/107040 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_MISC |
Date Public
2019-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107040"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-27T10:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "107040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107040"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"ID": "CVE-2019-7392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107040"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "MISC",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2019-7392",
"datePublished": "2019-02-26T18:00:00.000Z",
"dateReserved": "2019-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:46:46.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9022 (GCVE-0-2018-9022)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-17 01:51
VLAI
Summary
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/155576/Broad… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.8.2 and earlier
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.8.2 and earlier"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T22:06:08.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.8.2 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9022",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:51:32.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9026 (GCVE-0-2018-9026)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 19:10
VLAI
Summary
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
Severity
No CVSS data available.
CWE
- Session Fixation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session Fixation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9026",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:10:25.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9029 (GCVE-0-2018-9029)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-17 00:06
VLAI
Summary
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9029",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:06:35.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4664 (GCVE-0-2015-4664)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-08-06 06:18
VLAI
Summary
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/132809/Xceed… | x_refsource_MISC |
| http://www.modzero.ch/advisories/MZ-15-02-Xceediu… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/37708/ | exploitx_refsource_EXPLOIT-DB |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.4.4.4 and earlier
|
Date Public
2015-07-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:18:12.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37708/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.4.4.4 and earlier"
}
]
}
],
"datePublic": "2015-07-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-19T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37708/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"ID": "CVE-2015-4664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.4.4.4 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"name": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt",
"refsource": "MISC",
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37708/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2015-4664",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2015-06-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:18:12.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9023 (GCVE-0-2018-9023)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 22:01
VLAI
Summary
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9023",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:01:45.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9025 (GCVE-0-2018-9025)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 22:35
VLAI
Summary
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9025",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:35:11.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9021 (GCVE-0-2018-9021)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 16:43
VLAI
Summary
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/155576/Broad… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.8.2 and earlier
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.8.2 and earlier"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T22:06:09.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.8.2 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9021",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:43:19.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9028 (GCVE-0-2018-9028)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 23:15
VLAI
Summary
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
Severity
No CVSS data available.
CWE
- Weak Cryptography for Passwords
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Cryptography for Passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Cryptography for Passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9028",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:15:27.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9024 (GCVE-0-2018-9024)
Vulnerability from cvelistv5 – Published: 2018-06-18 18:00 – Updated: 2024-09-16 16:18
VLAI
Summary
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
Severity
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9024",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:18:45.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-7392 (GCVE-0-2019-7392)
Vulnerability from nvd – Published: 2019-02-26 18:00 – Updated: 2024-08-04 20:46
VLAI
Summary
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/107040 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_MISC |
Date Public
2019-02-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:46:46.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107040"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-02-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-27T10:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "107040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107040"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"ID": "CVE-2019-7392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107040"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "MISC",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/CA20190212-01--security-notice-for-ca-privileged-access-manager.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2019-7392",
"datePublished": "2019-02-26T18:00:00.000Z",
"dateReserved": "2019-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:46:46.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9022 (GCVE-0-2018-9022)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-17 01:51
VLAI
Summary
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/155576/Broad… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.8.2 and earlier
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.8.2 and earlier"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T22:06:08.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.8.2 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9022",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:51:32.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9026 (GCVE-0-2018-9026)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 19:10
VLAI
Summary
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
Severity
No CVSS data available.
CWE
- Session Fixation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session Fixation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session Fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9026",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:10:25.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9029 (GCVE-0-2018-9029)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-17 00:06
VLAI
Summary
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.404Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9029",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:06:35.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4664 (GCVE-0-2015-4664)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-08-06 06:18
VLAI
Summary
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/132809/Xceed… | x_refsource_MISC |
| http://www.modzero.ch/advisories/MZ-15-02-Xceediu… | x_refsource_MISC |
| https://www.exploit-db.com/exploits/37708/ | exploitx_refsource_EXPLOIT-DB |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.4.4.4 and earlier
|
Date Public
2015-07-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:18:12.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37708/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.4.4.4 and earlier"
}
]
}
],
"datePublic": "2015-07-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-19T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37708/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"ID": "CVE-2015-4664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.4.4.4 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html"
},
{
"name": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt",
"refsource": "MISC",
"url": "http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt"
},
{
"name": "37708",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37708/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2015-4664",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2015-06-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:18:12.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9023 (GCVE-0-2018-9023)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 22:01
VLAI
Summary
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9023",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:01:45.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9025 (GCVE-0-2018-9025)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 22:35
VLAI
Summary
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
Severity
No CVSS data available.
CWE
- Improper Input Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9025",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:35:11.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9021 (GCVE-0-2018-9021)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 16:43
VLAI
Summary
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
Severity
No CVSS data available.
CWE
- Authentication Bypass
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
| http://packetstormsecurity.com/files/155576/Broad… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.8.2 and earlier
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.8.2 and earlier"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-05T22:06:09.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.8.2 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
},
{
"name": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9021",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:43:19.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9028 (GCVE-0-2018-9028)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 23:15
VLAI
Summary
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
Severity
No CVSS data available.
CWE
- Weak Cryptography for Passwords
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Cryptography for Passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Cryptography for Passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9028",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:15:27.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9024 (GCVE-0-2018-9024)
Vulnerability from nvd – Published: 2018-06-18 18:00 – Updated: 2024-09-16 16:18
VLAI
Summary
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
Severity
No CVSS data available.
CWE
- Improper Authentication
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104496 | vdb-entryx_refsource_BID |
| https://support.ca.com/us/product-content/recomme… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| CA Technologies | CA Privileged Access Manager |
Affected:
2.x
|
Date Public
2018-06-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CA Privileged Access Manager",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "2.x"
}
]
}
],
"datePublic": "2018-06-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-20T09:57:01.000Z",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "104496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-9024",
"datePublished": "2018-06-18T18:00:00.000Z",
"dateReserved": "2018-03-26T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:18:45.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}