Broadcom: >> Privileged Access Manager >> 2.8.4.1 Security Vulnerabilities
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-06-18
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
CVSS Score
5.3
EPSS Score
0.008
Published
2018-06-18
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-18
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-06-18
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-06-18
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-06-18