Showing 1 - 2 of 2

CVE-2015-4669

Status Candidate

Overview

The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access databases on the system.

CA Privileged Access Manager 2.x Code Execution: Posted Jun 15, 2018; Authored by Ken Williams | Site www3.ca.com; CA Technologies Support is alerting customers to multiple potential risks with CA Privileged Access Manager. Multiple vulnerabilities exist that can allow a remote attacker to conduct a variety of attacks. These risks include seven vulnerabilities privately reported within the past year to CA Technologies by security researchers, and nine vulnerabilities for Xceedium Xsuite that were publicly disclosed in July 2015. CA Technologies acquired Xceedium in August 2015, and Xceedium products were renamed and became part of Privileged Access Management solutions from CA Technologies. Sixteen vulnerabilities are outlined in this advisory.; tags | advisory, remote, vulnerability; advisories | CVE-2015-4664, CVE-2015-4665, CVE-2015-4666, CVE-2015-4667, CVE-2015-4668, CVE-2015-4669, CVE-2018-9021, CVE-2018-9022, CVE-2018-9023, CVE-2018-9024, CVE-2018-9025, CVE-2018-9026, CVE-2018-9027, CVE-2018-9028, CVE-2018-9029; SHA-256 | e96803cc63a6f3f9a3937d46a106a0ea76325469c5a8f0baba0c2727dc8b5776; Download | Favorite | View

Xceedium Xsuite Command Injection / XSS / Traversal / Escalation: Posted Jul 22, 2015; Authored by Martin Schobert; Xceedium Xsuite versions 2.3.0 and 2.4.3.0 suffer from command injection, cross site scripting, directory traversal, hard-coded credential, and privilege escalation vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2015-4664, CVE-2015-4669; SHA-256 | 435b9ea5332e4395e8c3c079290a5fe9be967080695ef116f10918e9ad4d0414; Download | Favorite | View

Page 1 of 1 Back 1 Next