Vulnerabilities > Broadcom > Privileged Access Manager > Medium

| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2019-02-26 | CVE-2019-7392 | Improper Authentication vulnerability in Broadcom Privileged Access Manager. An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. | network; low complexity; broadcom; CWE-287; 6.4 |
| 2018-06-18 | CVE-2018-9028 | Inadequate Encryption Strength vulnerability in Broadcom Privileged Access Manager. Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. | network; low complexity; broadcom; CWE-326; 5.0 |
| 2018-06-18 | CVE-2018-9026 | Session Fixation vulnerability in Broadcom Privileged Access Manager. A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | network; low complexity; broadcom; CWE-384; 5.0 |
| 2018-06-18 | CVE-2018-9025 | Improper Input Validation vulnerability in Broadcom Privileged Access Manager. An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. | network; low complexity; broadcom; CWE-20; 5.0 |
| 2018-06-18 | CVE-2018-9024 | Improper Authentication vulnerability in Broadcom Privileged Access Manager. An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | network; low complexity; broadcom; CWE-287; 5.0 |