Vulnerabilities > Broadcom > CA API Developer Portal > 4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-11660 | Information Exposure vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. | 4.0 |
| 2020-04-15 | CVE-2020-11659 | Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | 4.0 |
| 2020-04-15 | CVE-2020-11658 | Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | 7.5 |
| 2020-04-15 | CVE-2020-11666 | Improper Privilege Management vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. | 6.5 |
| 2020-04-15 | CVE-2020-11665 | Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | 5.8 |
| 2020-04-15 | CVE-2020-11664 | Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | 5.8 |
| 2020-04-15 | CVE-2020-11663 | Open Redirect vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. | 5.8 |
| 2020-04-15 | CVE-2020-11662 | Information Exposure vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | 5.0 |
| 2020-04-15 | CVE-2020-11661 | Improper Privilege Management vulnerability in Broadcom CA API Developer Portal CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. | 5.5 |