Shodan
Vulnerabilities
Vulnerable Software
Broadcom:  Security Vulnerabilities
CVE-2020-11660
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-04-15
CVE-2020-11665
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-15
CVE-2020-11666
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
CVSS Score
8.8
EPSS Score
0.006
Published
2020-04-15
CVE-2020-11661
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-04-15
CVE-2020-11662
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-04-15
CVE-2020-11663
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-15
CVE-2020-11664
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-15
CVE-2019-18375
The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability. A remote attacker, with access to the appliance management interface, can hijack the session of a currently logged-in user and access the management console.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-04-10
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVSS Score
6.1
EPSS Score
0.11
Published
2020-04-02
CVE-2019-20549
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019).
CVSS Score
9.8
EPSS Score
0.001
Published
2020-03-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved