Broadcom: >> Privileged Access Manager >> 2.0.0 Security Vulnerabilities
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
CVSS Score
9.8
EPSS Score
0.593
Published
2018-06-18
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
CVSS Score
9.8
EPSS Score
0.176
Published
2018-06-18
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
CVSS Score
9.8
EPSS Score
0.312
Published
2018-06-18
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-06-18
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
CVSS Score
5.3
EPSS Score
0.008
Published
2018-06-18
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-18
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-18
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-06-18
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-06-18