CVE Vulnerabilities

CVE-2016-10086

Published: Jan 18, 2017 | Modified: Jan 20, 2017
CVSS 3.x
8.1
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.

Affected Software

Name Vendor Start Version End Version
Service_desk_management Ca 14.1 (including) 14.1 (including)
Service_desk_manager Ca 12.9 (including) 12.9 (including)

References