RSS   Vulnerabilities for '2e web option'   RSS

2014-02-14
 
CVE-2014-1219

CWE-20
 

 
CA 2E Web Option r8.1.2 accepts a predictable substring of a W2E_SSNID session token in place of the entire token, which allows remote attackers to hijack sessions by changing characters at the end of this substring, as demonstrated by terminating a session via a modified SSNID parameter to web2edoc/close.htm.

 

 >>> Vendor: CA 195 Products
Controlit
Arcserve backup
Inoculan
Inoculateit
Etrust intrusion detection
Etrust access control
Siteminder
Inoculateit agent for exchange
Ccc harvest
Arcserve backup 2000
Gateway security
Mlink
Unicenter remote control host
Unicenter remote control
Unicenter remote control option
Identityminder
Brightstor arcserve backup
Etrust antivirus
Etrust antivirus gateway
Etrust ez antivirus
Etrust ez armor
Etrust secure content manager
Unicenter tng
Etrust antivirus ee
Common services
Unicenter network and systems management
Unicenter serviceplus service desk
Unicenter web services distributed management
License software
Unicenter asset management
Internet security suite
Brightstor arcserve backup agent
Brightstor enterprise backup
Brightstor enterprise backup agent
Etrust ez armor le
Vet antivirus
Etrust siteminder
Brightstor arcserve backup hp
Advantage data transport
Adviseit
Brightstor portal
Brightstor san manager
Cleverpath ecm
Cleverpath olap
Cleverpath predictive analysis server
Etrust admin
Message queuing
Unicenter application performance monitor
Unicenter data transport option
Unicenter enterprise job manager
Unicenter jasmine
Unicenter management
Unicenter nsm
Unicenter performance management
Unicenter service level management
Unicenter software delivery
Cleverpath aion
Messaging
Unicenter management portal
Unicenter nsm wireless network management option
Igateway
Etrust antivirus iris engine
Brightstor arcserve backup laptops desktops
Brightstor process automation manager
Brightstor storage resource manager
Etrust audit aries
Etrust audit irecorder
Etrust directory
Etrust identity minder
Etrust integrated threat management
Itechnology igateway
Unicenter application server managment
Unicenter asset portfolio management
Unicenter autosys jm
Unicenter ca web services distributed management
Unicenter exchange management console
Unicenter service catalog fulfillment accounting
Unicenter service delivery
Unicenter service desk
Unicenter service desk knowledge tools
Unicenter service fulfillment
Unicenter service metric analysis
Unicenter web server management
Cleverpath portal
Brightstor mobile backup
Business protection suite
Desktop protection suite
Server protection suite
Directory
Resource initialization manager
Etrust pestpatrol
Integrated threat management
Etrust antivirus webscan
Identity manager
Etrust security command center
Etrust audit client
Etrust audit datatools
Etrust audit policy manager
Protection suites
Anti-virus
See all Products for Vendor CA


Copyright 2024, cxsecurity.com

 

Back to Top