Vulnerabilities > Broadcom > Privileged Access Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-02-26 CVE-2019-7392 Improper Authentication vulnerability in Broadcom Privileged Access Manager
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
network
low complexity
broadcom CWE-287
critical
 9.1
9.1
2018-06-18 CVE-2015-4664 Improper Input Validation vulnerability in multiple products
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
network
low complexity
broadcom xceedium CWE-20
critical
 9.8
9.8
2018-06-18 CVE-2018-9021 Improper Privilege Management vulnerability in Broadcom Privileged Access Manager
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.
network
low complexity
broadcom CWE-269
critical
 9.8
9.8
2018-06-18 CVE-2018-9022 Improper Privilege Management vulnerability in Broadcom Privileged Access Manager
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.
network
low complexity
broadcom CWE-269
critical
 9.8
9.8
2018-06-18 CVE-2018-9029 SQL Injection vulnerability in Broadcom Privileged Access Manager
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.
network
low complexity
broadcom CWE-89
critical
 9.8
9.8