Vulnerabilities > Broadcom
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-05 | CVE-2020-29478 | Unspecified vulnerability in Broadcom CA Service Catalog 17.2/17.3 CA Service Catalog 17.2 and 17.3 contain a vulnerability in the default configuration of the Setup Utility that may allow a remote attacker to cause a denial of service condition. | 5.0 |
| 2020-12-10 | CVE-2020-12595 | Unspecified vulnerability in Broadcom Symantec Messaging Gateway An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. | 4.0 |
| 2020-12-10 | CVE-2020-12594 | Improper Privilege Management vulnerability in Broadcom Symantec Messaging Gateway A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. | 9.0 |
| 2020-11-23 | CVE-2020-28421 | Improper Privilege Management vulnerability in Broadcom Unified Infrastructure Management CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges. | 4.6 |
| 2020-06-29 | CVE-2018-6446 | USE of Hard-Coded Credentials vulnerability in Broadcom Brocade Network Advisor A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. | 7.5 |
| 2020-06-08 | CVE-2020-12695 | Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. | 7.8 |
| 2020-04-15 | CVE-2020-11660 | Information Exposure vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. | 4.0 |
| 2020-04-15 | CVE-2020-11659 | Authorization Bypass Through User-Controlled KEY vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | 4.0 |
| 2020-04-15 | CVE-2020-11658 | Authorization Bypass Through User-Controlled KEY vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | 7.5 |
| 2020-04-15 | CVE-2020-11666 | Improper Privilege Management vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. | 6.5 |