Описание
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ca:service_desk_management:14.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:service_desk_manager:12.9:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00715
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
EPSS
Процентиль: 72%
0.00715
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-264