CVE-2020-11659
Description
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A privileged user in CA API Developer Portal 4.3.1 and earlier can perform restricted user administration actions due to an access control flaw.
Vulnerability
CA API Developer Portal versions 4.3.1 and earlier contain an access control flaw in user administration functionality. This allows a privileged user to perform actions that should be restricted to higher-level administrators. [1]
Exploitation
An attacker authenticated as a privileged user (e.g., with an administrative role) can exploit this flaw by sending crafted requests to the portal's user administration endpoints. No additional privileges or user interaction are required beyond having a privileged account. [1]
Impact
Successful exploitation allows the privileged user to perform restricted user administration actions, such as modifying user roles or privileges, leading to privilege escalation or unauthorized data access. The vendor rates the impact as low severity. [1]
Mitigation
Broadcom released a fix for this vulnerability. Affected customers should apply the vendor-supplied update. Details are available in the advisory from April 14, 2020. [1]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- CA/API Developer Portal
- Range: <=4.3.1
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html (mitre, x_refsource_MISC)
- seclists.org/fulldisclosure/2020/Apr/24 (mitre, mailing-list, x_refsource_FULLDISC)
- techdocs.broadcom.com/us/product-content/status/announcement-documents/2020/CA20200414-01-Securit-Notice-for-CA-API-Developer-Portal.html (mitre, x_refsource_MISC)