CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-28248
https://notcve.org/view.php?id=CVE-2021-28248
26 Mar 2021 — CA eHealth Performance Manager through 6.3.2.12 is affected by Improper Restriction of Excessive Authentication Attempts. An attacker is able to perform an arbitrary number of /web/frames/ authentication attempts using different passwords, and eventually gain access to a targeted account, NOTE: This vulnerability only affects products that are no longer supported by the maintainer CA eHealth Performance Manager versiones hasta 6.3.2.12, está afectado por la Restricción Inapropiada de Intentos de Autenticaci... • https://n4nj0.github.io/advisories/ca-ehealth-performance-manager • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-28246
https://notcve.org/view.php?id=CVE-2021-28246
26 Mar 2021 — CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be executed as the ehealth user. NOTE: This vulnerability only affects products that are no longer supported by the maintainer CA eHealth Performance Manager versiones hasta 6.3.2.12, está afectado por una Escalada de ... • https://n4nj0.github.io/advisories/ca-ehealth-performance-manager • CWE-426: Untrusted Search Path •
CVSS: 9.0EPSS: 1%CPEs: 18EXPL: 0CVE-2016-6152 – CA eHealth Denial of Service / Code Execution
https://notcve.org/view.php?id=CVE-2016-6152
22 Jul 2016 — CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. CA eHealth 6.2.x y 6.3.x en versiones anteriores a 6.3.2.13 permite a usuarios remotos autenticados provocar una denegación de servicio o posiblemente ejecutar comandos arbitrarios a través de vectores no especificados. CA Technologies Support is alerting customers to multiple potential risks with CA eHealth. Two vulnerabilities exist in th... • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx •