Vulnerabilities > Broadcom > CA API Developer Portal > 4.2.5.1

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-11660 Information Exposure vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
network
low complexity
broadcom CWE-200
4.0
4.0
2020-04-15 CVE-2020-11666 Improper Privilege Management vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.
network
low complexity
broadcom CWE-269
6.5
6.5
2020-04-15 CVE-2020-11662 Information Exposure vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
network
low complexity
broadcom CWE-200
5.0
5.0
2020-04-15 CVE-2020-11661 Improper Privilege Management vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
network
low complexity
broadcom CWE-269
5.5
5.5
2018-08-03 CVE-2018-6590 Cross-site Scripting vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
network
low complexity
broadcom CWE-79
6.1
6.1