Vulnerability Details CVE-2018-14597
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/105688
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html
- http://www.securityfocus.com/bid/105688
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html
Products affected by CVE-2018-14597
-
cpe:2.3:a:broadcom:ca_identity_governance:12.6
-
cpe:2.3:a:broadcom:ca_identity_governance:14.0
-
cpe:2.3:a:broadcom:ca_identity_governance:14.2
-
cpe:2.3:a:broadcom:ca_identity_suite_virtual_appliance:14.0
-
cpe:2.3:a:broadcom:ca_identity_suite_virtual_appliance:14.2