What the vulnerability does

01Description

CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names.

Key dates

02Disclosure timeline

October 17, 2018 CVE published
August 5, 2024 Record updated