CVE-2020-11665
Severity
6.1MEDIUM
EPSS
0.3%
top 50.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 15
Latest updateMay 24
Description
CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7