GCVE - cpe:2.3:a:ca_technologies:ca_privileged_access

Approved changes feed: RSS · Atom

cpe:2.3:a:ca_technologies:ca_privileged_access_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Ca Technologies (`255fd419-1e98-5f77-8619-9e5785d1f39d`)
Product	Ca Privileged Access Manager (`d5a9a08c-852e-5d6a-a19b-b85a2f568a07`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-9029`	vulnerable	2026-06-08 05:12:06.821014	Details available An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-17T00:06:35.624Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9028`	vulnerable	2026-06-08 05:12:06.820685	Details available Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T23:15:27.404Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9027`	vulnerable	2026-06-08 05:12:06.818288	Details available A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-17T03:43:13.156Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9026`	vulnerable	2026-06-08 05:12:06.817907	Details available A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T19:10:25.410Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9025`	vulnerable	2026-06-08 05:12:06.817521	Details available An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T22:35:11.606Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9024`	vulnerable	2026-06-08 05:12:06.817101	Details available An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T16:18:45.972Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9023`	vulnerable	2026-06-08 05:12:06.816709	Details available An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T22:01:45.304Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9022`	vulnerable	2026-06-08 05:12:06.816261	Details available An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-17T01:51:32.045Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-9021`	vulnerable	2026-06-08 05:12:06.814115	Details available An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests. Published: 2018-06-18T18:00:00.000Z Updated: 2024-09-16T16:43:19.872Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/104496 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html http://packetstormsecurity.com/files/155576/Broadcom-CA-Privileged-Access-Manager-2.8.2-Remote-Command-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-4664`	vulnerable	2026-06-08 05:06:40.406068	Details available An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. Published: 2018-06-18T18:00:00.000Z Updated: 2024-08-06T06:18:12.232Z Open on db.gcve.eu Reference links https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt https://www.exploit-db.com/exploits/37708/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Ca Privileged Access Manager

PURL mappings

Vulnerability references

Contribute