Skip to main content

Cloud Service Management

4 CVEs product

Monthly

CVE-2014-8474 HIGH PATCH This Week

CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service XXE Cloud Service Management
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-8473 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Cloud Service Management
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2014-8472 MEDIUM PATCH This Month

CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cloud Service Management
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2014-8471 MEDIUM PATCH This Month

CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Cloud Service Management
NVD
CVSS 2.0
4.3
EPSS
0.4%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service XXE Cloud Service Management
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Cloud Service Management
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Cloud Service Management
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Cloud Service Management
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy