Vulnerabilities > Broadcom > CA API Developer Portal > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-11660 Unspecified vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information.
network
low complexity
broadcom
6.5
6.5
2020-04-15 CVE-2020-11659 Authorization Bypass Through User-Controlled Key vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.
network
low complexity
broadcom CWE-639
4.3
4.3
2020-04-15 CVE-2020-11665 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
network
low complexity
broadcom CWE-601
6.1
6.1
2020-04-15 CVE-2020-11664 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
network
low complexity
broadcom CWE-601
6.1
6.1
2020-04-15 CVE-2020-11663 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
network
low complexity
broadcom CWE-601
6.1
6.1
2018-08-03 CVE-2018-6590 Cross-site Scripting vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
network
low complexity
broadcom CWE-79
6.1
6.1