1. Home
  2. CVE Database
  3. CVE-2015-6853
CRITICAL · 9.1

CVE-2015-6853

The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remot...

Vulnerability Description

The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service (daemon crash) or obtain sensitive information via a crafted request.

CVSS Score

9.1

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
BroadcomSingle Sign-Onr6.0

Related Weaknesses (CWE)

CWE-345

References

FAQ

What is CVE-2015-6853?

CVE-2015-6853 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remot...

How severe is CVE-2015-6853?

CVE-2015-6853 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2015-6853?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Single Sign-On.