VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 15, 2020· Updated Aug 4, 2024

CVE-2020-11660

CVE-2020-11660

Description

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An access control flaw in CA API Developer Portal 4.3.1 and earlier allows privileged users to view restricted sensitive information.

Vulnerability

CA API Developer Portal versions 4.3.1 and earlier contain an access control flaw (CVE-2020-11660) that allows privileged users to view restricted sensitive information. The vulnerability is due to improper access controls on certain resources [1].

Exploitation

An attacker must have a privileged user account on the portal. No additional authentication or network position is required beyond that. The privileged user can then access restricted sensitive information that should not be visible to them [1].

Impact

A privileged user can view restricted sensitive information, leading to unauthorized disclosure of confidential data. The exact nature of the information is not specified in the available references [1].

Mitigation

CA has published solutions to address this vulnerability. Affected customers should apply the patches provided by Broadcom. No specific version number for the fix is given in the advisory, but it is recommended to upgrade to the latest supported version [1].

References
  1. Support Content Notification - Support Portal - Broadcom support portal

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.