← Back

Ca

ca

137 CVEs • 107 products

Products (107)

Click to collapse
Toggle
Brightstor Arcserve Backup
brightstor_arcserve_backup
19 CVEs
Etrust Secure Content Manager
etrust_secure_content_manager
15 CVEs
Protection Suites
protection_suites
13 CVEs
Arcserve Backup
arcserve_backup
11 CVEs
Business Protection Suite
business_protection_suite
11 CVEs
Etrust Antivirus
etrust_antivirus
8 CVEs
Etrust Intrusion Detection
etrust_intrusion_detection
7 CVEs
Unicenter Management
unicenter_management
5 CVEs
Unicenter Software Delivery
unicenter_software_delivery
5 CVEs
Anti Virus For The Enterprise
anti-virus_for_the_enterprise
5 CVEs
Unified Infrastructure Management
unified_infrastructure_management
5 CVEs
Unicenter Asset Management
unicenter_asset_management
4 CVEs
Unicenter Enterprise Job Manager
unicenter_enterprise_job_manager
4 CVEs
Unicenter Tng
unicenter_tng
4 CVEs
Host Based Intrusion Prevention System
host-based_intrusion_prevention_system
4 CVEs
Internet Security Suite Plus 2008
internet_security_suite_plus_2008
4 CVEs
Internet Security Suite 2008
internet_security_suite_2008
4 CVEs
Gateway Security
gateway_security
4 CVEs
Ehealth Performance Manager
ehealth_performance_manager
4 CVEs
Xosoft Content Distribution
xosoft_content_distribution
4 CVEs
Xosoft High Availability
xosoft_high_availability
4 CVEs
Xosoft Replication
xosoft_replication
4 CVEs
Cloud Service Management
cloud_service_management
4 CVEs
Client Automation
client_automation
4 CVEs
Universal Job Management Agent
universal_job_management_agent
4 CVEs
Virtual Assurance For Infrastructure Managers
virtual_assurance_for_infrastructure_managers
4 CVEs
Workload Automation Ae
workload_automation_ae
4 CVEs
Service Desk Manager
service_desk_manager
4 CVEs
Project Portfolio Management
project_portfolio_management
4 CVEs
Etrust Admin
etrust_admin
3 CVEs
Threat Manager
threat_manager
3 CVEs
Ehealth
ehealth
3 CVEs
Etrust Vet Antivirus
etrust_vet_antivirus
3 CVEs
Network And Systems Management
network_and_systems_management
3 CVEs
Nsm Job Management Option
nsm_job_management_option
3 CVEs
Api Developer Portal
api_developer_portal
3 CVEs
Arcserve Backup 2000
arcserve_backup_2000
2 CVEs
Unicenter Web Services Distributed Management
unicenter_web_services_distributed_management
2 CVEs
Brightstor Arcserve Backup Agent
brightstor_arcserve_backup_agent
2 CVEs
Unicenter Remote Control
unicenter_remote_control
2 CVEs
Messaging
messaging
2 CVEs
Threat Manager For The Enterprise
threat_manager_for_the_enterprise
2 CVEs
Anti Virus
anti-virus
2 CVEs
Anti Virus Gateway
anti-virus_gateway
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Arcserve For Windows Client Agent
arcserve_for_windows_client_agent
2 CVEs
Arcserve For Windows Server Component
arcserve_for_windows_server_component
2 CVEs
Common Services
common_services
2 CVEs
Etrust Anti Virus Gateway
etrust_anti-virus_gateway
2 CVEs
Etrust Anti Virus Sdk
etrust_anti-virus_sdk
2 CVEs
Etrust Ez Antivirus
etrust_ez_antivirus
2 CVEs
Internet Security Suite Plus 2009
internet_security_suite_plus_2009
2 CVEs
Threat Manager Total Defense
threat_manager_total_defense
2 CVEs
Internet Security Suite 2010
internet_security_suite_2010
2 CVEs
Siteminder
siteminder
2 CVEs
Arcot Webfort Versatile Authentication Server
arcot_webfort_versatile_authentication_server
2 CVEs
Identityminder
identityminder
2 CVEs
Risk Authentication
risk_authentication
2 CVEs
Strong Authentication
strong_authentication
2 CVEs
Etrust Access Control
etrust_access_control
1 CVE
Controlit
controlit
1 CVE
Unicenter Remote Control Option
unicenter_remote_control_option
1 CVE
Vet Antivirus
vet_antivirus
1 CVE
Brightstor Enterprise Backup Agent
brightstor_enterprise_backup_agent
1 CVE
Unicenter Nsm
unicenter_nsm
1 CVE
Brightstor Enterprise Backup
brightstor_enterprise_backup
1 CVE
Etrust Audit Aries
etrust_audit_aries
1 CVE
Etrust Directory
etrust_directory
1 CVE
Unicenter Application Performance Monitor
unicenter_application_performance_monitor
1 CVE
Unicenter Application Server Managment
unicenter_application_server_managment
1 CVE
Unicenter Ca Web Services Distributed Management
unicenter_ca_web_services_distributed_management
1 CVE
Unicenter Exchange Management Console
unicenter_exchange_management_console
1 CVE
Unicenter Service Catalog Fulfillment Accounting
unicenter_service_catalog_fulfillment_accounting
1 CVE
Unicenter Service Fulfillment
unicenter_service_fulfillment
1 CVE
Unicenter Service Level Management
unicenter_service_level_management
1 CVE
Unicenter Web Server Management
unicenter_web_server_management
1 CVE
Brightstor Arcserve Client
brightstor_arcserve_client
1 CVE
Arcserve Backup For Laptops And Desktops
arcserve_backup_for_laptops_and_desktops
1 CVE
Personal Firewall 2007
personal_firewall_2007
1 CVE
Personal Firewall 2008
personal_firewall_2008
1 CVE
Cmdb
cmdb
1 CVE
Service Level Management
service_level_management
1 CVE
Service Metric Analysis
service_metric_analysis
1 CVE
Internet Security Suite 2007
internet_security_suite_2007
1 CVE
Advantage Data Transport
advantage_data_transport
1 CVE
It Client Manager
it_client_manager
1 CVE
Software Delivery
software_delivery
1 CVE
Internet Security Suite
internet_security_suite
1 CVE
Etrust Pestpatrole Ppctl.dll Activex
etrust_pestpatrole_ppctl.dll_activex
1 CVE
Service Desk
service_desk
1 CVE
Psformx Active X Control
psformx_active_x_control
1 CVE
Webscan Active X Control
webscan_active_x_control
1 CVE
Internet Security Suite Plus 2010
internet_security_suite_plus_2010
1 CVE
Arcserve Replication And High Availability
arcserve_replication_and_high_availability
1 CVE
Internet Security Suite 2011
internet_security_suite_2011
1 CVE
Arcserve D2d
arcserve_d2d
1 CVE
Xcom Data Transport
xcom_data_transport
1 CVE
Web Agents
web_agents
1 CVE
Erwin Web Portal
erwin_web_portal
1 CVE
Service Desk Management
service_desk_management
1 CVE

CVEs (137)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-28250
1Ca
1Ehealth Performance Manager
Nov 21, 2024
Mar 26, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be execu...Show more
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file. When a component is run as an argument of the runpicEhealth executable, the script code will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainerShow less
CVE-2021-28249
1Ca
1Ehealth Performance Manager
Nov 21, 2024
Mar 26, 2021
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the wr...Show more
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the FtpCollector executable is run. The code in the library will be executed as the root user. NOTE: This vulnerability only affects products that are no longer supported by the maintainerShow less
CVE-2021-28247
1Ca
1Ehealth Performance Manager
Nov 21, 2024
Mar 26, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-...Show more
CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS). The impact is: An authenticated remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and perform a Reflected Cross-Site Scripting attack against the platform users. The affected endpoints are: cgi/nhWeb with the parameter report, aviewbin/filtermibobjects.pl with the parameter namefilter, and aviewbin/query.pl with the parameters System, SystemText, Group, and GroupText. NOTE: This vulnerability only affects products that are no longer supported by the maintainerShow less
CVE-2019-7394
1Ca
2Risk Authentication
Strong Authentication
Nov 21, 2024
May 28, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows...Show more
A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges.Show less
CVE-2019-7393
1Ca
2Risk Authentication
Strong Authentication
Nov 21, 2024
May 28, 2019
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remot...Show more
A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases.Show less
CVE-2018-19635
2Broadcom
Ca
2Service Desk Manager
Service Desk Manager
Nov 21, 2024
Jan 22, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface.
CVE-2018-19634
2Broadcom
Ca
2Service Desk Manager
Service Desk Manager
Nov 21, 2024
Jan 22, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information.
CVE-2018-13826
2Broadcom
Ca
2Project Portfolio Management
Project Portfolio Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
CVE-2018-13825
2Broadcom
Ca
2Project Portfolio Management
Project Portfolio Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting atta...Show more
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.Show less
CVE-2018-13824
2Broadcom
Ca
2Project Portfolio Management
Project Portfolio Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
CVE-2018-13823
2Broadcom
Ca
2Project Portfolio Management
Project Portfolio Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
CVE-2018-13821
1Ca
1Unified Infrastructure Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
CVE-2018-13820
1Ca
1Unified Infrastructure Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVE-2018-13819
1Ca
1Unified Infrastructure Management
Nov 21, 2024
Aug 30, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVE-2018-9027
1Ca
1Ca Privileged Access Manager
Nov 21, 2024
Jun 18, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.
CVE-2018-6589
1Ca
1Spectrum
Nov 21, 2024
May 1, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2018-8954
1Ca
1Workload Control Center
Nov 21, 2024
Apr 11, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request.
CVE-2018-8953
1Ca
1Workload Automation Ae
Nov 21, 2024
Apr 11, 2018
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
CVE-2018-6588
1Ca
1Api Developer Portal
Nov 21, 2024
Mar 29, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer.
CVE-2018-6587
1Ca
1Api Developer Portal
Nov 21, 2024
Mar 29, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.