Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

CA Single Sign-On Unspecified High-Risk Vulnerabilities Advisory

Gauge showing high severity reading for a security advisory for EzAdsPro “BlackBox” application.


Patch Date

March 23, 2016


CA Technologies

Systems Affected

Version 6 - 12.52 SP2


Two high-risk vulnerabilities were discovered in the CA Technologies Single Sign-On (formerly CA SiteMinder®) application. These vulnerabilities allowed a remote attacker to cause a denial-of-service (DoS) attack or possibly gain sensitive information. We worked closely with CA Technologies in the disclosure and remediation process. Their team of engineers developed fixes that address the problems. If you’re a client of CA Technologies that relies on Single Sign-On, please visit their site for patching information.

Vendor Status

CA has been notified and have fixed the application. CVEs have been assigned to the respective vulnerabilities: CVE-2015-6853 and CVE-2015-6854.


Mike Brooks of Bishop Fox

Subscribe to Bishop Fox's Security Blog

Be first to learn about latest tools, advisories, and findings.

Default fox headshot blue

About the author, Mike Brooks

Mike Brooks is a security researcher. He was formerly a consultant at Bishop Fox.
More by Mike

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.