CVE-2015-4664
CRITICALBroadcom Privileged Access Manager - Improper Input Validation
Title source: ruleDescription
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.
Exploits (1)
References (4)
Scores
CVSS v3
9.8
EPSS
0.5100
EPSS Percentile
97.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (3)
broadcom/privileged_access_manager
< 2.4.4.4
xceedium/xsuite
2.3.0
xceedium/xsuite
2.4.3.0
Published
Jun 18, 2018
Tracked Since
Feb 18, 2026