Описание
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11661
- https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2020/CA20200414-01-Securit-Notice-for-CA-API-Developer-Portal.html
- http://packetstormsecurity.com/files/157244/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
- http://packetstormsecurity.com/files/157276/CA-API-Developer-Portal-4.2.x-4.3.1-Access-Bypass-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2020/Apr/24
Связанные уязвимости
CVSS3: 8.1
nvd
почти 6 лет назад
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.