Description
CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/510564/100/0/threaded
Patch, Vendor Advisory x_refsource_confirm
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/39249
Scores
EPSS
0.0207
EPSS Percentile
79.0%
Details
CWE
CWE-287
Status
published
Products (3)
ca/xosoft_content_distribution
r12.5
ca/xosoft_high_availability
r12.5
ca/xosoft_replication
r12.5
Published
Apr 07, 2010
Tracked Since
Feb 18, 2026