Overview
- Description
- CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
- Source
- vuln@ca.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:ca_identity_governance:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "490A1121-1717-4CB5-A125-86AB9FA73FA1",
"versionEndIncluding": "14.2",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:a:broadcom:ca_identity_governance:12.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33287A1F-869F-445C-A339-163C6A2F4C3E"
},
{
"criteria": "cpe:2.3:a:broadcom:ca_identity_suite_virtual_appliance:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB251742-28E6-4A2C-A379-1460EB09BBD7",
"versionEndIncluding": "14.2",
"versionStartIncluding": "14.0"
}
],
"operator": "OR"
}
]
}
]