Shodan
Vulnerabilities
Vulnerable Software
Broadcom:  >> Ca Api Developer Portal  >> 4.1  Security Vulnerabilities
CVE-2020-11658
CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-04-15
CVE-2020-11659
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-04-15
CVE-2020-11660
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-04-15
CVE-2020-11665
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-15
CVE-2020-11666
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
CVSS Score
8.8
EPSS Score
0.018
Published
2020-04-15
CVE-2020-11661
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
CVSS Score
8.1
EPSS Score
0.013
Published
2020-04-15
CVE-2020-11662
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
CVSS Score
7.5
EPSS Score
0.021
Published
2020-04-15
CVE-2020-11663
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-04-15
CVE-2020-11664
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-04-15
CVE-2018-6590
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-08-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved