Skip to main content

Ca Api Developer Portal

10 CVEs product

Monthly

CVE-2020-11660 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-11659 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ca Api Developer Portal
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-11658 CRITICAL Act Now

CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ca Api Developer Portal
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-11666 HIGH This Week

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2020-11665 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
CVSS 3.1
6.1
EPSS
1.6%
CVE-2020-11664 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-11663 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-11662 HIGH This Week

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2020-11661 HIGH This Week

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
CVSS 3.1
8.1
EPSS
1.9%
CVE-2018-6590 MEDIUM This Month

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ca Api Developer Portal
NVD
CVSS 3.1
6.1
EPSS
0.7%
EPSS 1% CVSS 6.5
MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ca Api Developer Portal
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ca Api Developer Portal
NVD
EPSS 3% CVSS 8.8
HIGH This Week

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
EPSS 2% CVSS 6.1
MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ca Api Developer Portal
NVD
EPSS 3% CVSS 7.5
HIGH This Week

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
EPSS 2% CVSS 8.1
HIGH This Week

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ca Api Developer Portal
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ca Api Developer Portal
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy