All the vulnerabilites related to ca - client_automation
Vulnerability from fkie_nvd
Published
2015-06-17 10:59
Modified
2024-11-21 02:29
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11.0 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA428A34-C776-405A-93CB-1446A10C56AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no valida correctamente una variable no especificada, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-3318",
"lastModified": "2024-11-21T02:29:08.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:03.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-06 00:29
Modified
2024-11-21 03:33
Severity ?
Summary
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | client_automation | r12.9 | |
| ca | client_automation | r14.0 | |
| ca | client_automation | r14.0 | |
| linux | linux_kernel | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "822846C6-B04D-430B-B831-321E0A854771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r14.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "81A0389B-F9B6-4A12-9D22-20FC662E5492",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation."
},
{
"lang": "es",
"value": "El componente de Administraci\u00f3n de Instalaci\u00f3n del Sistema Operativo en CA Client Automation versiones r12.9, r14.0 y r14.0 SP1, coloca una contrase\u00f1a cifrada en un archivo local legible durante la instalaci\u00f3n del sistema operativo, lo que permite a usuarios locales obtener informaci\u00f3n confidencial por la lectura de este archivo despu\u00e9s de la instalaci\u00f3n del sistema operativo."
}
],
"id": "CVE-2017-8391",
"lastModified": "2024-11-21T03:33:56.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-06T00:29:00.523",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98344"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1038410"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-17 10:59
Modified
2024-11-21 02:29
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | network_and_systems_management | r11.1 | |
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, permite a usuarios locales ganar privilegios a trav\u00e9s de una variable de entorno no especificada."
}
],
"id": "CVE-2015-3316",
"lastModified": "2024-11-21T02:29:08.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:01.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-17 10:59
Modified
2024-11-21 02:29
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no realiza correctamente la comprobaci\u00f3n de l\u00edmites, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-3317",
"lastModified": "2024-11-21T02:29:08.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:02.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-3318
Vulnerability from cvelistv5
Published
2015-06-17 10:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032513 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75033 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032512 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3318",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-8391
Vulnerability from cvelistv5
Published
2017-05-06 00:00
Modified
2024-08-05 16:34
Severity ?
EPSS score ?
Summary
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038410 | vdb-entry, x_refsource_SECTRACK | |
| https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/98344 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:34:22.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038410"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html"
},
{
"name": "98344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1038410",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038410"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html"
},
{
"name": "98344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038410",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038410"
},
{
"name": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html",
"refsource": "CONFIRM",
"url": "https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20170504-01-security-notice-for-ca-client-automation-os-installation-mgmt.html"
},
{
"name": "98344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8391",
"datePublished": "2017-05-06T00:00:00",
"dateReserved": "2017-05-01T00:00:00",
"dateUpdated": "2024-08-05T16:34:22.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3317
Vulnerability from cvelistv5
Published
2015-06-17 10:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032513 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75033 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032512 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3317",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-3316
Vulnerability from cvelistv5
Published
2015-06-17 10:00
Modified
2024-08-06 05:47
Severity ?
EPSS score ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1032513 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75033 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032512 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3316",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}