CVE-2010-1221

Published: Apr 7, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.

Affected (6)

Products: Ca: Xosoft Content Distribution, Xosoft High Availability, Xosoft Replication

3 products

Xosoft Content Distribution

Xosoft High Availability

Xosoft Replication

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Ca Xosoft Content Distribution	Version r12.0
Ca Xosoft Content Distribution	Version r12.5
Ca Xosoft High Availability	Version r12.0
Ca Xosoft High Availability	Version r12.5
Ca Xosoft Replication	Version r12.0
Ca Xosoft Replication	Version r12.5

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

http://www.securityfocus.com/archive/1/510564/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/39244

Source: cve@mitre.org

Patch

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/archive/1/510564/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/39244

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.