Vulnerabilities > CA > Ehealth Performance Manager

DATE CVE VULNERABILITY TITLE RISK
2021-03-26 CVE-2021-28250 Improper Privilege Management vulnerability in CA Ehealth Performance Manager
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a setuid (and/or setgid) file.
local
low complexity
ca CWE-269
7.8
7.8
2021-03-26 CVE-2021-28249 Untrusted Search Path vulnerability in CA Ehealth Performance Manager
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library.
local
low complexity
ca CWE-426
8.8
8.8
2021-03-26 CVE-2021-28247 Cross-site Scripting vulnerability in CA Ehealth Performance Manager
CA eHealth Performance Manager through 6.3.2.12 is affected by Cross Site Scripting (XSS).
network
low complexity
ca CWE-79
5.4
5.4