Vulnerabilities > Broadcom > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-11663 Open Redirect vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks.
network
broadcom CWE-601
5.8
2020-04-15 CVE-2020-11662 Information Exposure vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.
network
low complexity
broadcom CWE-200
5.0
2020-04-15 CVE-2020-11661 Improper Privilege Management vulnerability in Broadcom CA API Developer Portal
CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data.
network
low complexity
broadcom CWE-269
5.5
2020-04-10 CVE-2019-18375 Unspecified vulnerability in Broadcom Advanced Secure Gateway and Symantec ProxySG
The ASG and ProxySG management consoles are susceptible to a session hijacking vulnerability.
network
low complexity
broadcom
6.4
2020-04-02 CVE-2020-1927 Open Redirect vulnerability in multiple products
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
6.1
2020-02-18 CVE-2020-8011 NULL Pointer Dereference vulnerability in Broadcom Unified Infrastructure Management
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component.
network
low complexity
broadcom CWE-476
5.0
2020-02-05 CVE-2019-16204 Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1d could expose external passwords, common secrets or authentication keys used between the switch and an external server.
network
low complexity
broadcom CWE-532
5.0
2020-02-05 CVE-2019-16203 Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS versions before v8.2.2a and v8.2.1d could expose the credentials of the remote ESRS server when these credentials are given as a command line option when configuring the ESRS client.
network
low complexity
broadcom CWE-532
5.0
2019-12-20 CVE-2019-19231 Unspecified vulnerability in Broadcom CA Client Automation
An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges.
local
low complexity
broadcom
4.6
2019-11-18 CVE-2019-19063 Memory Leak vulnerability in multiple products
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
4.6