CVE-2018-9024

CWE-287Improper Authentication3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.8%
top 25.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Privileged Access ManagerCA Technologies CA Privileged Access Manager
Timeline
PublishedJun 18
Latest updateMay 13

Description

An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-xjrw-4vxx-f2vq: An improper authentication vulnerability in CA Privileged Access Manager 22022-05-13
CVEList
CVE-2018-9024: An improper authentication vulnerability in CA Privileged Access Manager 22018-06-18
CVE-2018-9024 (MEDIUM CVSS 5.3) | An improper authentication vulnerab | cvebase.io