本页列出影响 broadcom privileged_access_manager 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2019-7392 | An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. | [email protected] | 9.1 | 1.72% | 2019-02-26 | 2026-06-16 |
| CVE-2018-9029 | An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks. | [email protected] | 9.8 | 1.75% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9028 | Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. | [email protected] | 7.5 | 0.91% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9026 | A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | [email protected] | 7.5 | 1.33% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9025 | An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. | [email protected] | 7.5 | 1.41% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9024 | An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | [email protected] | 5.3 | 1.12% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9023 | An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script. | [email protected] | 8.8 | 1.91% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9022 | An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file. | [email protected] | 9.8 | 20.39% | 2018-06-18 | 2026-06-16 |
| CVE-2018-9021 | An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests. | [email protected] | 9.8 | 19.38% | 2018-06-18 | 2026-06-16 |
| CVE-2015-4664 | An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. | [email protected] | 9.8 | 20.83% | 2018-06-18 | 2026-06-16 |