Vulnerability Details CVE-2018-9028
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/104496
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html
- http://www.securityfocus.com/bid/104496
- https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html
Products affected by CVE-2018-9028
-
cpe:2.3:a:broadcom:privileged_access_manager:2.0.0
-
cpe:2.3:a:broadcom:privileged_access_manager:2.4.4.4
-
cpe:2.3:a:broadcom:privileged_access_manager:2.7.0
-
cpe:2.3:a:broadcom:privileged_access_manager:2.8.0
-
cpe:2.3:a:broadcom:privileged_access_manager:2.8.1
-
cpe:2.3:a:broadcom:privileged_access_manager:2.8.2
-
cpe:2.3:a:broadcom:privileged_access_manager:2.8.3
-
cpe:2.3:a:broadcom:privileged_access_manager:2.8.4.1