exploitDog

CVE-2018-6590

Опубликовано: 03 авг. 2018

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.

Ссылки

http://www.securitytracker.com/id/1041416
Third Party Advisory
VDB Entry
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180802-01--security-notice-for-ca-api-developer-portal.html
Vendor Advisory
http://www.securitytracker.com/id/1041416
Third Party Advisory
VDB Entry
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180802-01--security-notice-for-ca-api-developer-portal.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:ca_api_developer_portal:*:*:*:*:*:*:*:*

Версия от 4.2.0 (включая) до 4.2.5.3 (исключая)

cpe:2.3:a:broadcom:ca_api_developer_portal:4.0:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:ca_api_developer_portal:4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-6rgv-3m65-6x4r

CVSS3: 6.1

github

больше 3 лет назад

CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.

EPSS

Процентиль: 50%

0.00265

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79