Vulnerability Details CVE-2010-1221
CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/archive/1/510564/100/0/threaded
- http://www.securityfocus.com/bid/39244
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869
- http://www.securityfocus.com/archive/1/510564/100/0/threaded
- http://www.securityfocus.com/bid/39244
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869
Products affected by CVE-2010-1221
-
cpe:2.3:a:ca:xosoft_content_distribution:r12.0
-
cpe:2.3:a:ca:xosoft_content_distribution:r12.5
-
cpe:2.3:a:ca:xosoft_high_availability:r12.0
-
cpe:2.3:a:ca:xosoft_high_availability:r12.5
-
cpe:2.3:a:ca:xosoft_replication:r12.0
-
cpe:2.3:a:ca:xosoft_replication:r12.5