CVE-2020-11662

High

7.5/10

Summary

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

References

Advisory Timeline

Published Apr 15, 2020

CVE-2020-11662

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS