Vulnerability Details CVE-2018-14597
CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 67.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/105688
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html
- http://www.securityfocus.com/bid/105688
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html
Products affected by CVE-2018-14597
-
cpe:2.3:a:broadcom:ca_identity_governance:12.6
-
cpe:2.3:a:broadcom:ca_identity_governance:14.0
-
cpe:2.3:a:broadcom:ca_identity_governance:14.2
-
cpe:2.3:a:broadcom:ca_identity_suite_virtual_appliance:14.0
-
cpe:2.3:a:broadcom:ca_identity_suite_virtual_appliance:14.2