Denial of Service Vulnerability in CA Single Sign-On Web Agent
CVE-2015-6853

9.1CRITICAL

Key Information:

Vendor: Broadcom
Status: Single Sign-on
Vendor: CVE Published:; 24 March 2016

What is CVE-2015-6853?

The Domino web agent in CA Single Sign-On is vulnerable to crafted requests that can lead to a denial of service, potentially crashing the daemon and exposing sensitive information to unauthorized users. This vulnerability affects multiple versions of CA Single Sign-On and requires immediate attention to mitigate risks.

References

http://www.securitytracker.com/id/1035389

vdb-entryx_refsource_SECTRACK

http://www.ca.com/us/support/ca-support-online/product-co...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2016
Vulnerability Reserved
Sep 10, 2015

Broadcom

What is CVE-2015-6853?

References

CVSS V3.1

Timeline