Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-11658
CA API Developer Portal 4.3.1 and previous versions handles shared secret keys in an insecure manner, which allows malicious users to bypass authorization.
Broadcom Ca Api Developer Portal
9.8
CVSSv3
CVE-2020-8010
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 Github repository
9.8
CVSSv3
CVE-2020-8012
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2019-19518
CA Automic Sysload 5.6.0 up to and including 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote malicious users to execute arbitrary commands.
Broadcom Ca Automic Sysload
9.8
CVSSv3
CVE-2019-19230
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote malicious user to execute arbitrary code.
Broadcom Nolio 6.6
9.8
CVSSv3
CVE-2019-13658
CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote malicious user to execute arbitrary commands and compromise system security.
Broadcom Network Flow Analysis
Broadcom Network Flow Analysis 10.0.0
9.8
CVSSv3
CVE-2019-13656
An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote malicious user to execute arbitrary code.
Broadcom Ca Workload Automation Ae 11.3.6
Broadcom Ca Workload Automation Ae 11.3.5
Broadcom Ca Client Automation 14.0
9.8
CVSSv3
CVE-2018-19635
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
Ca Service Desk Manager 14.1
Broadcom Service Desk Manager 17.0
9.8
CVSSv3
CVE-2018-15691
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and previous versions, allows malicious users to potentially execute arbitrary code.
Broadcom Release Automation
1 EDB exploit
9.8
CVSSv3
CVE-2018-13821
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote malicious users to conduct a variety of attacks, including file reading/writing.
Ca Unified Infrastructure Management 8.5
Ca Unified Infrastructure Management 8.4.7
Ca Unified Infrastructure Management 8.5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »