CVE-2020-11659

CWE-639Insecure Direct Object Reference3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.2%
top 58.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom CA API Developer Portal
Timeline
PublishedApr 15
Latest updateMay 24

Description

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ca_api_developer_portal4.3.1 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-w8xx-jh7q-6xj6: CA API Developer Portal 42022-05-24
CVEList
CVE-2020-11659: CA API Developer Portal 42020-04-15
CVE-2020-11659 (MEDIUM CVSS 4.3) | CA API Developer Portal 4.3.1 and e | cvebase.io