CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105688 | Third Party Advisory VDB Entry |
https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ca
Published: 2018-10-17T21:00:00
Updated: 2018-10-23T09:57:01
Reserved: 2018-07-25T00:00:00
Link: CVE-2018-14597
JSON object: View
NVD Information
Status : Modified
Published: 2018-10-17T21:49:52.897
Modified: 2019-10-09T23:35:01.420
Link: CVE-2018-14597
JSON object: View
Redhat Information
No data.