Denial of Service Vulnerability in CA Single Sign-On Products
CVE-2015-6854

9.1CRITICAL

Key Information:

Vendor: Broadcom
Status: Single Sign-on
Vendor: CVE Published:; 24 March 2016

What is CVE-2015-6854?

The non-Domino web agents in CA Single Sign-On are vulnerable to an exploit that allows remote attackers to craft specific requests, leading to a denial of service through daemon crashes or the unauthorized disclosure of sensitive information.

References

http://www.securitytracker.com/id/1035389

vdb-entryx_refsource_SECTRACK

http://www.ca.com/us/support/ca-support-online/product-co...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 24, 2016
Vulnerability Reserved
Sep 10, 2015

Broadcom

What is CVE-2015-6854?

References

CVSS V3.1

Timeline