Roman Paci

**Name of the Vulnerable Software and Affected Versions** CA API Developer Portal versions 4.3.1 and earlier **Description** The issue is related to an access control flaw that allows privileged users to perform a restricted user administration action. **Recommendations** For CA API Developer Portal versions 4.3.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CA API Developer Portal versions 4.3.1 and earlier **Description** The issue is related to an access control flaw that allows privileged users to view and edit user data. **Recommendations** For CA API Developer Portal versions 4.3.1 and earlier, update to a version that contains a fix for this issue to prevent privileged users from accessing and modifying user data without proper authorization.

**Name of the Vulnerable Software and Affected Versions** CA API Developer Portal versions 4.3.1 and earlier **Description** The issue allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information due to insecure request handling. **Recommendations** For CA API Developer Portal versions 4.3.1 and earlier, update to a version later than 4.3.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** CA API Developer Portal versions 4.3.1 and earlier **Description** The issue allows attackers to perform open redirect attacks due to insecure handling of loginRedirect page redirects. **Recommendations** For CA API Developer Portal versions 4.3.1 and earlier, update to a version that securely handles loginRedirect page redirects to prevent open redirect attacks.