CVE-2020-11666Improper Privilege Management in CA API Developer Portal

CWE-269Improper Privilege Management3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.9%
top 23.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom CA API Developer Portal
Timeline
PublishedApr 15
Latest updateMay 24

Description

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5broadcom/ca_api_developer_portal4.3.1 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-vgfh-838x-q4cm: CA API Developer Portal 42022-05-24
CVEList
CVE-2020-11666: CA API Developer Portal 42020-04-15
CVE-2020-11666 — Improper Privilege Management | cvebase