Broadcom: Security Vulnerabilities
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
CVSS Score: 9.8 | EPSS Score: 0.007 | Published: 2018-08-30
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-08-30
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
CVSS Score: 9.1 | EPSS Score: 0.004 | Published: 2018-08-30
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
CVSS Score: 9.8 | EPSS Score: 0.417 | Published: 2018-08-30
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.
CVSS Score: 7.5 | EPSS Score: 0.002 | Published: 2018-08-30
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2018-08-03
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.
CVSS Score: 7.5 | EPSS Score: 0.008 | Published: 2018-07-03
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
CVSS Score: 9.8 | EPSS Score: 0.51 | Published: 2018-06-18
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
CVSS Score: 9.8 | EPSS Score: 0.104 | Published: 2018-06-18
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
CVSS Score: 9.8 | EPSS Score: 0.199 | Published: 2018-06-18

