CVE Tools

ca

Enterprise SoftwareUScommercial

119

Cumulative CVEs

55

Monthly snapshots

#7

Peak rank

Top products

risk authentication2 strong authentication2

Latest CVEs

The 15 most recently published vulnerabilities affecting ca.

CVE-2021-28250CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the sc...7.8Mar 26, 2021
CVE-2021-28249CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a mali...8.8Mar 26, 2021
CVE-2021-28247CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrec...5.4Mar 26, 2021
CVE-2019-7393A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, ...4.3May 28, 2019
CVE-2019-7394A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1....8.8May 28, 2019
CVE-2018-19635CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.9.8Jan 22, 2019
CVE-2018-19634CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.7.5Jan 22, 2019
CVE-2018-13826An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side reque...9.1Aug 30, 2018
CVE-2018-13825Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cr...6.1Aug 30, 2018
CVE-2018-13824Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.9.8Aug 30, 2018
CVE-2018-13823An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive informat...7.5Aug 30, 2018
CVE-2018-13821A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.9.8Aug 30, 2018
CVE-2018-13820A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.7.5Aug 30, 2018
CVE-2018-13819A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.7.5Aug 30, 2018
CVE-2018-9027A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.6.1Jun 18, 2018