Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ca Subscribe
Filtered by product Cloud Service Management
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8471 1 Ca 1 Cloud Service Management 2017-09-07 4.3 MEDIUM N/A
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to conduct replay attacks via unspecified vectors.
CVE-2014-8472 1 Ca 1 Cloud Service Management 2017-09-07 6.8 MEDIUM N/A
CA Cloud Service Management (CSM) before Summer 2014 does not properly verify authentication tokens from an Identity Provider, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2014-8473 1 Ca 1 Cloud Service Management 2017-09-07 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2014-8474 1 Ca 1 Cloud Service Management 2017-09-07 7.5 HIGH N/A
CA Cloud Service Management (CSM) before Summer 2014 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.