The server http://api.tapplock.com/ which servers as the api server for the
tapplock smart lock is vulnerable to multiple authorization bypasses allowing
horizontal escalation of privileges which could lead to the disclosure of all
the info of all users and total compromise of every lock. The a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
CA20180614-01: Security Notice for CA Privileged Access Manager
Issued: June 14th, 2018
Last Updated: June 14th, 2018
CA Technologies Support is alerting customers to multiple potential
risks with CA Privileged Access Manager. Multiple vulnerabi