Shodan
Vulnerabilities
Vulnerable Software
Ca:  Security Vulnerabilities
CVE-2018-13826
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
CVSS Score
9.1
EPSS Score
0.005
Published
2018-08-30
CVE-2018-13819
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-08-30
CVE-2018-13820
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-08-30
CVE-2018-13821
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
CVSS Score
9.8
EPSS Score
0.05
Published
2018-08-30
CVE-2018-9027
A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-18
CVE-2018-6589
CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.013
Published
2018-05-01
CVE-2018-8953
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
CVSS Score
8.8
EPSS Score
0.028
Published
2018-04-11
CVE-2018-8954
CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request.
CVSS Score
9.8
EPSS Score
0.142
Published
2018-04-11
CVE-2018-6586
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-03-29
CVE-2018-6587
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-03-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved