CA : Security Vulnerabilities, CVEs, (Bypass)
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
Max CVSS
10.0
EPSS Score
7.08%
Published
2007-10-01
Updated
2021-04-08
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
Max CVSS
9.8
EPSS Score
0.37%
Published
2018-08-30
Updated
2018-11-05
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
Max CVSS
7.5
EPSS Score
0.15%
Published
2019-01-22
Updated
2021-04-09
CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.75%
Published
2014-11-04
Updated
2017-09-08
CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.
Max CVSS
5.0
EPSS Score
0.36%
Published
2010-04-07
Updated
2018-10-10
CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.
Max CVSS
5.0
EPSS Score
0.36%
Published
2010-04-07
Updated
2018-10-10
6 vulnerabilities found