Описание
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11664
- https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2020/CA20200414-01-Securit-Notice-for-CA-API-Developer-Portal.html
- http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
- http://packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2020/Apr/24
EPSS
Процентиль: 49%
0.00259
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
EPSS
Процентиль: 49%
0.00259
Низкий