CVE-2018-14597

medium

Description

CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.

References

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20181017-01-security-notice-for-ca-identity-governance.html

http://www.securityfocus.com/bid/105688

Details

Source: Mitre, NVD

Published: 2018-10-17

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N