CA API Developer Portal

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-15	CVE-2020-11660	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. network low complexity broadcom	6.5
2020-04-15	CVE-2020-11659	Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. network low complexity broadcom CWE-639	4.3
2020-04-15	CVE-2020-11658	Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. network low complexity broadcom CWE-639 critical	9.8
2020-04-15	CVE-2020-11666	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. network low complexity broadcom	8.8
2020-04-15	CVE-2020-11665	Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. network low complexity broadcom CWE-601	6.1
2020-04-15	CVE-2020-11664	Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. network low complexity broadcom CWE-601	6.1
2020-04-15	CVE-2020-11663	Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. network low complexity broadcom CWE-601	6.1
2020-04-15	CVE-2020-11662	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. network low complexity broadcom	7.5
2020-04-15	CVE-2020-11661	Unspecified vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. network low complexity broadcom	8.1
2018-08-03	CVE-2018-6590	Cross-site Scripting vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. network low complexity broadcom CWE-79	6.1