CVE-2016-10086

HIGH

CA Service Desk Mgr <14.1 - Info Disclosure

Title source: llm

Description

RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.

References (3)

Scores

CVSS v3 8.1
EPSS 0.0072
EPSS Percentile 72.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Classification

CWE
CWE-264
Status draft

Affected Products (2)

ca/service_desk_management
ca/service_desk_manager

Timeline

Published Jan 18, 2017
Tracked Since Feb 18, 2026