Broadcom Ehealth vulnerabilities

CVE-2021-28248 [HIGH] CWE-307 CVE-2021-28248: CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Aut CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no long

CVE-2021-28246 [HIGH] CWE-426 CVE-2021-28246: CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamicall CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be executed as the ehealth user. NOTE: This vulnerability o

CVE-2016-6152 [HIGH] CVE-2016-6152: CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of se CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors.