Vulnerabilities > CA > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-14 | CVE-2017-9394 | Cross-site Scripting vulnerability in CA Identity Governance 12.6.0 A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute script in the context of another user. | 3.5 |
2017-05-06 | CVE-2017-8391 | Incorrect Permission Assignment for Critical Resource vulnerability in CA Client Automation R12.9/R14.0 The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation. | 2.1 |
2010-02-24 | CVE-2010-0640 | Cross-Site Scripting vulnerability in CA Ehealth Performance Manager 6.0/6.1/6.2 Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request. | 2.6 |
2009-08-19 | CVE-2009-0682 | Improper Input Validation vulnerability in CA Internet Security Suite 10.0.0.217/9.0.0.184 vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call. | 2.1 |
2001-05-18 | CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | 1.2 |