← Back

Ca

ca

137 CVEs • 107 products

Products (107)

Click to collapse
Toggle
Brightstor Arcserve Backup
brightstor_arcserve_backup
19 CVEs
Etrust Secure Content Manager
etrust_secure_content_manager
15 CVEs
Protection Suites
protection_suites
13 CVEs
Arcserve Backup
arcserve_backup
11 CVEs
Business Protection Suite
business_protection_suite
11 CVEs
Etrust Antivirus
etrust_antivirus
8 CVEs
Etrust Intrusion Detection
etrust_intrusion_detection
7 CVEs
Unicenter Management
unicenter_management
5 CVEs
Unicenter Software Delivery
unicenter_software_delivery
5 CVEs
Anti Virus For The Enterprise
anti-virus_for_the_enterprise
5 CVEs
Unified Infrastructure Management
unified_infrastructure_management
5 CVEs
Unicenter Asset Management
unicenter_asset_management
4 CVEs
Unicenter Enterprise Job Manager
unicenter_enterprise_job_manager
4 CVEs
Unicenter Tng
unicenter_tng
4 CVEs
Host Based Intrusion Prevention System
host-based_intrusion_prevention_system
4 CVEs
Internet Security Suite Plus 2008
internet_security_suite_plus_2008
4 CVEs
Internet Security Suite 2008
internet_security_suite_2008
4 CVEs
Gateway Security
gateway_security
4 CVEs
Ehealth Performance Manager
ehealth_performance_manager
4 CVEs
Xosoft Content Distribution
xosoft_content_distribution
4 CVEs
Xosoft High Availability
xosoft_high_availability
4 CVEs
Xosoft Replication
xosoft_replication
4 CVEs
Cloud Service Management
cloud_service_management
4 CVEs
Client Automation
client_automation
4 CVEs
Universal Job Management Agent
universal_job_management_agent
4 CVEs
Virtual Assurance For Infrastructure Managers
virtual_assurance_for_infrastructure_managers
4 CVEs
Workload Automation Ae
workload_automation_ae
4 CVEs
Service Desk Manager
service_desk_manager
4 CVEs
Project Portfolio Management
project_portfolio_management
4 CVEs
Etrust Admin
etrust_admin
3 CVEs
Threat Manager
threat_manager
3 CVEs
Ehealth
ehealth
3 CVEs
Etrust Vet Antivirus
etrust_vet_antivirus
3 CVEs
Network And Systems Management
network_and_systems_management
3 CVEs
Nsm Job Management Option
nsm_job_management_option
3 CVEs
Api Developer Portal
api_developer_portal
3 CVEs
Arcserve Backup 2000
arcserve_backup_2000
2 CVEs
Unicenter Web Services Distributed Management
unicenter_web_services_distributed_management
2 CVEs
Brightstor Arcserve Backup Agent
brightstor_arcserve_backup_agent
2 CVEs
Unicenter Remote Control
unicenter_remote_control
2 CVEs
Messaging
messaging
2 CVEs
Threat Manager For The Enterprise
threat_manager_for_the_enterprise
2 CVEs
Anti Virus
anti-virus
2 CVEs
Anti Virus Gateway
anti-virus_gateway
2 CVEs
Anti Virus Plus
anti-virus_plus
2 CVEs
Arcserve For Windows Client Agent
arcserve_for_windows_client_agent
2 CVEs
Arcserve For Windows Server Component
arcserve_for_windows_server_component
2 CVEs
Common Services
common_services
2 CVEs
Etrust Anti Virus Gateway
etrust_anti-virus_gateway
2 CVEs
Etrust Anti Virus Sdk
etrust_anti-virus_sdk
2 CVEs
Etrust Ez Antivirus
etrust_ez_antivirus
2 CVEs
Internet Security Suite Plus 2009
internet_security_suite_plus_2009
2 CVEs
Threat Manager Total Defense
threat_manager_total_defense
2 CVEs
Internet Security Suite 2010
internet_security_suite_2010
2 CVEs
Siteminder
siteminder
2 CVEs
Arcot Webfort Versatile Authentication Server
arcot_webfort_versatile_authentication_server
2 CVEs
Identityminder
identityminder
2 CVEs
Risk Authentication
risk_authentication
2 CVEs
Strong Authentication
strong_authentication
2 CVEs
Etrust Access Control
etrust_access_control
1 CVE
Controlit
controlit
1 CVE
Unicenter Remote Control Option
unicenter_remote_control_option
1 CVE
Vet Antivirus
vet_antivirus
1 CVE
Brightstor Enterprise Backup Agent
brightstor_enterprise_backup_agent
1 CVE
Unicenter Nsm
unicenter_nsm
1 CVE
Brightstor Enterprise Backup
brightstor_enterprise_backup
1 CVE
Etrust Audit Aries
etrust_audit_aries
1 CVE
Etrust Directory
etrust_directory
1 CVE
Unicenter Application Performance Monitor
unicenter_application_performance_monitor
1 CVE
Unicenter Application Server Managment
unicenter_application_server_managment
1 CVE
Unicenter Ca Web Services Distributed Management
unicenter_ca_web_services_distributed_management
1 CVE
Unicenter Exchange Management Console
unicenter_exchange_management_console
1 CVE
Unicenter Service Catalog Fulfillment Accounting
unicenter_service_catalog_fulfillment_accounting
1 CVE
Unicenter Service Fulfillment
unicenter_service_fulfillment
1 CVE
Unicenter Service Level Management
unicenter_service_level_management
1 CVE
Unicenter Web Server Management
unicenter_web_server_management
1 CVE
Brightstor Arcserve Client
brightstor_arcserve_client
1 CVE
Arcserve Backup For Laptops And Desktops
arcserve_backup_for_laptops_and_desktops
1 CVE
Personal Firewall 2007
personal_firewall_2007
1 CVE
Personal Firewall 2008
personal_firewall_2008
1 CVE
Cmdb
cmdb
1 CVE
Service Level Management
service_level_management
1 CVE
Service Metric Analysis
service_metric_analysis
1 CVE
Internet Security Suite 2007
internet_security_suite_2007
1 CVE
Advantage Data Transport
advantage_data_transport
1 CVE
It Client Manager
it_client_manager
1 CVE
Software Delivery
software_delivery
1 CVE
Internet Security Suite
internet_security_suite
1 CVE
Etrust Pestpatrole Ppctl.dll Activex
etrust_pestpatrole_ppctl.dll_activex
1 CVE
Service Desk
service_desk
1 CVE
Psformx Active X Control
psformx_active_x_control
1 CVE
Webscan Active X Control
webscan_active_x_control
1 CVE
Internet Security Suite Plus 2010
internet_security_suite_plus_2010
1 CVE
Arcserve Replication And High Availability
arcserve_replication_and_high_availability
1 CVE
Internet Security Suite 2011
internet_security_suite_2011
1 CVE
Arcserve D2d
arcserve_d2d
1 CVE
Xcom Data Transport
xcom_data_transport
1 CVE
Web Agents
web_agents
1 CVE
Erwin Web Portal
erwin_web_portal
1 CVE
Service Desk Management
service_desk_management
1 CVE

CVEs (137)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-6586
1Ca
1Api Developer Portal
Nov 21, 2024
Mar 29, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.
CVE-2017-9394
1Ca
1Identity Governance
May 13, 2026
Nov 14, 2017
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute script in the context of another user.
CVE-2017-9393
1Ca
2Identity Manager
Identity Manager Virtual Appliance
May 13, 2026
Sep 22, 2017
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search.
CVE-2017-8391
1Ca
1Client Automation
May 13, 2026
May 6, 2017
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtai...Show more
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.Show less
CVE-2016-9165
1Ca
2Unified Infrastructure Management
Unified Infrastructure Management Snap
May 13, 2026
Mar 20, 2017
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain...Show more
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors.Show less
CVE-2016-9164
1Ca
1Unified Infrastructure Management
May 13, 2026
Mar 7, 2017
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap...Show more
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors.Show less
CVE-2016-9148
1Ca
1Service Desk Manager
May 13, 2026
Mar 7, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in CA Service Desk Manager (formerly CA Service Desk) 12.9 and 14.1 allows remote attackers to inject arbitrary web script or HTML via the QBE.EQ.REF_NUM parameter.
CVE-2016-9795
2Broadcom
Ca
6Ca Workload Automation Ae
Client AutomationSystemedge+3 more
May 13, 2026
Jan 27, 2017
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management A...Show more
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.Show less
CVE-2016-10086
1Ca
2Service Desk Management
Service Desk Manager
May 13, 2026
Jan 18, 2017
N/A· v4
8.1 HIGH· v3
5.5 MEDIUM· v2
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful...Show more
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.Show less
CVE-2016-6152
2Broadcom
Ca
2Ehealth
Ehealth
May 6, 2026
Jul 26, 2016
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.
CVE-2016-6151
1Ca
1Ehealth
May 6, 2026
Jul 26, 2016
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.
CVE-2015-3318
1Ca
6Client Automation
Network And Systems ManagementNsm Job Management Option+3 more
May 6, 2026
Jun 17, 2015
N/A· v4
N/A· v3
4.6 MEDIUM· v2
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Manageme...Show more
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.Show less
CVE-2015-3317
1Ca
6Client Automation
Network And Systems ManagementNsm Job Management Option+3 more
May 6, 2026
Jun 17, 2015
N/A· v4
N/A· v3
4.6 MEDIUM· v2
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Manageme...Show more
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.Show less
CVE-2015-3316
2Broadcom
Ca
7Client Automation
Network And Systems ManagementNetwork And Systems Management+4 more
May 6, 2026
Jun 17, 2015
N/A· v4
N/A· v3
4.6 MEDIUM· v2
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Manageme...Show more
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.Show less
CVE-2014-8474
1Ca
1Cloud Service Management
May 6, 2026
Nov 4, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document...Show more
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.Show less
CVE-2014-8473
1Ca
1Cloud Service Management
May 6, 2026
Nov 4, 2014
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2014-8472
1Ca
1Cloud Service Management
May 6, 2026
Nov 4, 2014
N/A· v4
N/A· v3
6.8 MEDIUM· v2
CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspec...Show more
CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.Show less
CVE-2014-8471
1Ca
1Cloud Service Management
May 6, 2026
Nov 4, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors.
CVE-2014-2210
1Ca
1Erwin Web Portal
May 6, 2026
Apr 4, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrar...Show more
Multiple directory traversal vulnerabilities in CA ERwin Web Portal 9.5 allow remote attackers to obtain sensitive information, bypass intended access restrictions, cause a denial of service, or possibly execute arbitrary code via unspecified vectors.Show less
CVE-2013-5968
2Broadcom
Ca
2Siteminder
Web Agents
Apr 29, 2026
Oct 29, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character...Show more
Cross-site scripting (XSS) vulnerability in CA SiteMinder 12.0 through 12.51, and SiteMinder 6 Web Agents, allows remote attackers to inject arbitrary web script or HTML via vectors involving a " (double quote) character.Show less