what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Jake Miller

CA Identity Governance Username Enumeration

Posted Oct 19, 2018

Authored by Kevin Kotas, Jake Miller | Site www3.ca.com

CA Technologies Support is alerting customers to a low risk issue with CA Identity Governance. In a certain product configuration, an attacker can gain sensitive information. CA published solutions to address the vulnerability. The vulnerability occurs due to how CA Identity Governance responds to login requests. An attacker may exploit the vulnerability to enumerate account names. Affected products include CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 and CA Identity Governance 12.6, 14.0, 14.1, and 14.2.

tags | advisory

advisories | CVE-2018-14597

SHA-256 | 77fb382be97c445901464a21707cba72f39427d270744ebfe38f59cd2119ab24

Download | Favorite | View

CA Identity Governance 12.6 Cross Site Scripting

Posted Nov 15, 2017

Authored by Kevin Kotas, Jake Miller | Site www3.ca.com

CA Identity Governance version 12.6 suffers from a cross site scripting vulnerability.

tags | advisory, xss

advisories | CVE-2017-9394

SHA-256 | aad777eb35b7f0095b61e0b61482090142d26c18db84ef8693c72377ea6cf30b

Download | Favorite | View