Vulnerabilities > Broadcom > Privileged Access Manager > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-26 | CVE-2019-7392 | Improper Authentication vulnerability in Broadcom Privileged Access Manager An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. | 6.4 |
2018-06-18 | CVE-2018-9028 | Inadequate Encryption Strength vulnerability in Broadcom Privileged Access Manager Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. | 5.0 |
2018-06-18 | CVE-2018-9026 | Session Fixation vulnerability in Broadcom Privileged Access Manager A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | 5.0 |
2018-06-18 | CVE-2018-9025 | Improper Input Validation vulnerability in Broadcom Privileged Access Manager An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. | 5.0 |
2018-06-18 | CVE-2018-9024 | Improper Authentication vulnerability in Broadcom Privileged Access Manager An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | 5.0 |