Ca Vulnérabilités

Chronologie

Taper

Not Defined171
Backup Software46
Automation Software26
Anti-Malware Software16
Access Management Software11

Produit

CA BrightStor ARCserve Backup16
CA API Developer Portal13
CA Privileged Access Manager11
CA ARCserve Backup11
CA Unified Infrastructure Management10

Contre-mesures

Official Fix145
Temporary Fix0
Workaround13
Unavailable2
Not Defined122

Exploitabilité

High30
Functional0
Proof-of-Concept101
Unproven7
Not Defined144

Vecteur d'accès

Not Defined0
Physical0
Local36
Adjacent8
Network238

Authentification

Not Defined0
High0
Low43
None239

Interaction de l'utilisateur

Not Defined0
Required37
None245

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤411
≤518
≤666
≤739
≤863
≤924
≤1060

CVSSv3 Temp

≤10
≤20
≤31
≤412
≤535
≤659
≤764
≤833
≤954
≤1024

VulDB

≤10
≤20
≤31
≤415
≤523
≤676
≤730
≤871
≤96
≤1060

NVD

≤10
≤20
≤30
≤40
≤52
≤65
≤715
≤822
≤912
≤1021

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤81
≤90
≤104

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k0
<2k1
<5k8
<10k81
<25k110
<50k81
<100k1
≥100k0

Exploiter aujourd'hui

<1k198
<2k14
<5k26
<10k34
<25k10
<50k0
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (114): 2E Web Option (1), API Developer Portal (13), API Gateway (1), ARCserve Backup (11), ARCserve D2D (2), ARCserve Replication (1), Anti-Virus Enterprise (1), Anti-Virus for the Enterprise (3), ArcServe Backup (1), Arcot WebFort Versatile Authentication Server (2), Automic Dollar Universe (1), Automic Sysload (1), Automic Workload Automation (1), BrightStor (2), BrightStor ARCServe BackUp (7), BrightStor ARCServe Backup (2), BrightStor ARCserve Backup (18), BrightStor Hierarchical Storage Manager (3), Brightstor Arcserve Backup (4), Brightstor Enterprise Backup (3), Business Protection Suite (4), CA DMV (1), CCC Harvest (1), Cleverpath Portal (2), Client Automation (3), Cloud Service Management (4), Common Services (1), ControlIT (1), Desktop Management Suite (1), Directory (1), ERwin Data Model Validator (1), ERwin Process Modeler (2), ERwin Web Portal (1), Etrust Antivirus (2), Etrust Integrated Threat Management (2), Etrust Pestpatrol (1), Gateway Security (2), HIPS (1), Harvest Software Change Manager (1), High Availability (1), Host-Based Intrusion Prevention System (1), Identity Governance (2), Identity Manager (1), IdentityMinder (2), Identity Suite Virtual Appliance (1), InoculateIT (6), InoculateIT Agent for Exchange (1), Integrated Threat Management (1), Internet Security Suite (1), Internet Security Suite 2008 (1), Internet Security Suite 2010 (1), Internet Security Suite 2011 (1), Internet Security Suite Plus 2008 (1), Internet Security Suite Plus 2010 (1), Intrusion Prevention System (1), Investigation Tool (1), JCICSecurityTool (1), License (2), License Software (3), Management Agent (3), Messaging Queuing (1), Mlink (1), Network Flow Analysis (2), Output Management Web Viewer (1), PPM (5), Performance Management (1), Personal Firewall (1), Privileged Access Manager (11), Protection Suites (6), Release Automation (7), Risk Authentication (2), Secure Content Manager (1), Service Desk (2), Service Desk Manager (5), Service Metric Analysis (1), Single Sign-On (2), SiteMinder (8), Spectrum (3), Strong Authentication (2), Threat Manager (1), Threat Manager for the Enterprise (1), Total Defense (3), Unicenter (2), Unicenter Asset Management (4), Unicenter File Transfer Service (1), Unicenter Management Portal (1), Unicenter Network And Systems Management (5), Unicenter Remote Control (3), Unicenter Remote Control Host (2), Unicenter Software Delivery (1), Unicenter Tng (1), Unicenter Transport Service (1), Unicenter Web Services Distributed Management (1), Unified Infrastructure Management (10), Webscan Active X Control (1), Workload Automation AE (2), Workload Control Center (1), XCOM Data Transport (1), Xosoft Replication (3), eHealth (3), eHealth Performance Manager (6), eTrust Access Control (1), eTrust Antivirus (6), eTrust Antivirus EE (1), eTrust Antivirus WebScan (3), eTrust Audit Datatools (1), eTrust EZ Armor (2), eTrust Intrusion Detection (5), eTrust PestPatrol (2), eTrust Secure Content Manager (2), eTrust Security Command Center (2), eTrust SiteMinder (3), eTrust Threat Management Console (1), iGateway (1)

PubliéBaseTempVulnérabilitéProdExpConEPSSCTICVE
15/12/20235.25.2TAIWAN-CA JCICSecurityTool cross site scriptingInconnueNot DefinedNot Defined0.001660.02CVE-2023-48387
05/02/20227.17.1CA Harvest Software Change Manager CSV Export elévation de privilègesInconnueNot DefinedNot Defined0.001160.00CVE-2022-22689
03/12/20216.46.4CA Network Flow Analysis NFA Web Application sql injectionInconnueNot DefinedNot Defined0.000650.02CVE-2021-44050
26/03/20217.47.2CA eHealth Performance Manager runpicEhealth elévation de privilègesInconnueNot DefinedWorkaround0.000480.00CVE-2021-28250
26/03/20217.17.0CA eHealth Performance Manager Shared Object elévation de privilègesInconnueNot DefinedWorkaround0.000480.00CVE-2021-28249
26/03/20215.35.2CA eHealth Performance Manager divulgation de l'informationInconnueNot DefinedWorkaround0.003070.00CVE-2021-28248
26/03/20214.44.3CA eHealth Performance Manager nhWeb cross site scriptingInconnueNot DefinedWorkaround0.000720.00CVE-2021-28247
26/03/20217.06.9CA eHealth Performance Manager Shared Object elévation de privilègesInconnueNot DefinedWorkaround0.000480.00CVE-2021-28246
21/01/20216.46.4CA ARCserve D2D XML External EntityInconnueNot DefinedNot Defined0.032890.00CVE-2020-27858
23/11/20206.56.3CA Unified Infrastructure Management Robot Controller elévation de privilègesInconnueNot DefinedOfficial Fix0.000420.00CVE-2020-28421
15/04/20207.57.5CA API Developer Portal Access Control elévation de privilègesAutomation SoftwareNot DefinedNot Defined0.003310.00CVE-2020-11666
15/04/20206.66.6CA API Developer Portal loginRedirect PageAutomation SoftwareNot DefinedNot Defined0.002130.00CVE-2020-11665
15/04/20206.66.6CA API Developer Portal homeRedirect PageAutomation SoftwareNot DefinedNot Defined0.002130.03CVE-2020-11664
15/04/20206.66.6CA API Developer Portal 404 RedirectAutomation SoftwareNot DefinedNot Defined0.002130.00CVE-2020-11663
15/04/20206.46.4CA API Developer Portal divulgation de l'informationAutomation SoftwareNot DefinedNot Defined0.007140.00CVE-2020-11662
15/04/20207.27.2CA API Developer Portal Access Control elévation de privilègesAutomation SoftwareNot DefinedNot Defined0.001570.00CVE-2020-11661
15/04/20205.45.4CA API Developer Portal divulgation de l'informationAutomation SoftwareNot DefinedNot Defined0.001040.04CVE-2020-11660
15/04/20205.35.3CA API Developer Portal Access Control elévation de privilègesAutomation SoftwareNot DefinedNot Defined0.000630.00CVE-2020-11659
15/04/20208.58.5CA API Developer Portal elévation de privilègesAutomation SoftwareNot DefinedNot Defined0.003730.00CVE-2020-11658
18/02/20208.58.5CA Unified Infrastructure Management Robot Controller buffer overflowInconnueNot DefinedNot Defined0.541950.04CVE-2020-8012
18/02/20206.46.4CA Unified Infrastructure Management Robot Controller dénie de serviceInconnueNot DefinedNot Defined0.002160.00CVE-2020-8011
18/02/20208.58.5CA Unified Infrastructure Management ACL elévation de privilègesInconnueNot DefinedNot Defined0.071350.09CVE-2020-8010
08/01/20206.56.5CA Automic Dollar Universe uxdqmsrv elévation de privilègesInconnueNot DefinedWorkaround0.000420.04CVE-2019-19544
08/01/20208.58.5CA Automic Sysload File Server Port authentification faibleInconnueNot DefinedNot Defined0.008780.00CVE-2019-19518
20/12/20196.66.6CA Client Automation File Access Local Privilege EscalationAutomation SoftwareNot DefinedNot Defined0.000420.04CVE-2019-19231

257 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 257 results.

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!