VYPR

CA API Developer Portal

by Broadcom Corporation

CVEs (9)

  • CVE-2020-11658CriApr 15, 2020
    risk 0.64cvss 9.8epss 0.02

    CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization.

  • CVE-2020-11666HigApr 15, 2020
    risk 0.57cvss 8.8epss 0.03

    CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.

  • CVE-2020-11661HigApr 15, 2020
    risk 0.53cvss 8.1epss 0.02

    CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.

  • CVE-2020-11662HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.03

    CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.

  • CVE-2020-11660MedApr 15, 2020
    risk 0.42cvss 6.5epss 0.01

    CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.

  • CVE-2020-11665MedApr 15, 2020
    risk 0.40cvss 6.1epss 0.02

    CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

  • CVE-2020-11664MedApr 15, 2020
    risk 0.40cvss 6.1epss 0.01

    CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.

  • CVE-2020-11663MedApr 15, 2020
    risk 0.40cvss 6.1epss 0.01

    CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.

  • CVE-2020-11659MedApr 15, 2020
    risk 0.28cvss 4.3epss 0.01

    CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.