Search criteria
12 vulnerabilities found for workload_automation_ae by ca
FKIE_CVE-2018-8953
Vulnerability from fkie_nvd - Published: 2018-04-11 17:29 - Updated: 2024-11-21 04:14
Severity ?
Summary
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
References
| URL | Tags | ||
|---|---|---|---|
| vuln@ca.com | http://www.securityfocus.com/bid/103742 | Third Party Advisory, VDB Entry | |
| vuln@ca.com | http://www.securitytracker.com/id/1040605 | Third Party Advisory, VDB Entry | |
| vuln@ca.com | https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103742 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040605 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | workload_automation_ae | * | |
| ca | workload_automation_ae | r11.3.6 | |
| ca | workload_automation_ae | r11.3.6 | |
| ca | workload_automation_ae | r11.3.6 | |
| ca | workload_automation_ae | r11.3.6 | |
| ca | workload_automation_ae | r11.3.6 | |
| ca | workload_automation_ae | r11.3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEC523-E669-4952-87A7-72F156C37613",
"versionEndIncluding": "r11.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "70B64F68-D841-4F9A-BF41-90E2C19C0277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "FF08B666-9951-4E8A-B297-7202F220F246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E5BAEB0B-C443-4149-AC47-6BC7BC648379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp4:*:*:*:*:*:*",
"matchCriteriaId": "238C5D87-C85B-474F-97D7-843E529F1C22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp5:*:*:*:*:*:*",
"matchCriteriaId": "1461715D-EC38-4759-9552-D284AF7C9339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp6:*:*:*:*:*:*",
"matchCriteriaId": "E26BCF9E-1C65-443E-A99C-CE6AEA6C8863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
},
{
"lang": "es",
"value": "CA Workload Automation AE en versiones anteriores a la r11.3.6 SP7 permite que los atacantes remotos realicen una inyecci\u00f3n SQL mediante una petici\u00f3n HTTP manipulada."
}
],
"id": "CVE-2018-8953",
"lastModified": "2024-11-21T04:14:40.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-11T17:29:00.473",
"references": [
{
"source": "vuln@ca.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103742"
},
{
"source": "vuln@ca.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"source": "vuln@ca.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
}
],
"sourceIdentifier": "vuln@ca.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-3318
Vulnerability from fkie_nvd - Published: 2015-06-17 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11.0 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA428A34-C776-405A-93CB-1446A10C56AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no valida correctamente una variable no especificada, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-3318",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:03.087",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-3317
Vulnerability from fkie_nvd - Published: 2015-06-17 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no realiza correctamente la comprobaci\u00f3n de l\u00edmites, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-3317",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:02.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-3316
Vulnerability from fkie_nvd - Published: 2015-06-17 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | network_and_systems_management | r11.1 | |
| ca | client_automation | r12.5 | |
| ca | client_automation | r12.8 | |
| ca | client_automation | r12.9 | |
| ca | network_and_systems_management | r11.2 | |
| ca | nsm_job_management_option | r11.0 | |
| ca | nsm_job_management_option | r11.1 | |
| ca | nsm_job_management_option | r11.2 | |
| ca | universal_job_management_agent | - | |
| ca | virtual_assurance_for_infrastructure_managers | 12.6 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.7 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 | |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 | |
| ca | workload_automation_ae | r11 | |
| ca | workload_automation_ae | r11.3 | |
| ca | workload_automation_ae | r11.3.5 | |
| ca | workload_automation_ae | r11.3.6 | |
| hp | hp-ux | * | |
| ibm | aix | * | |
| linux | linux_kernel | * | |
| oracle | solaris | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
"matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
},
{
"lang": "es",
"value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, permite a usuarios locales ganar privilegios a trav\u00e9s de una variable de entorno no especificada."
}
],
"id": "CVE-2015-3316",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-17T10:59:01.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-8953 (GCVE-0-2018-8953)
Vulnerability from cvelistv5 – Published: 2018-04-11 17:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
Severity ?
No CVSS data available.
CWE
- SQL Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CA Technologies | Workload Automation AE |
Affected:
r11.3.5, r11.3.6 SP6 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workload Automation AE",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "r11.3.5, r11.3.6 SP6 and earlier"
}
]
}
],
"datePublic": "2018-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-14T09:57:01",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "1040605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-03-29T00:00:00",
"ID": "CVE-2018-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workload Automation AE",
"version": {
"version_data": [
{
"version_value": "r11.3.5, r11.3.6 SP6 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040605"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-8953",
"datePublished": "2018-04-11T17:00:00Z",
"dateReserved": "2018-03-23T00:00:00",
"dateUpdated": "2024-09-16T20:22:08.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3316 (GCVE-0-2015-3316)
Vulnerability from cvelistv5 – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3316",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3318 (GCVE-0-2015-3318)
Vulnerability from cvelistv5 – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3318",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3317 (GCVE-0-2015-3317)
Vulnerability from cvelistv5 – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3317",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8953 (GCVE-0-2018-8953)
Vulnerability from nvd – Published: 2018-04-11 17:00 – Updated: 2024-09-16 20:22
VLAI?
Summary
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
Severity ?
No CVSS data available.
CWE
- SQL Injection
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CA Technologies | Workload Automation AE |
Affected:
r11.3.5, r11.3.6 SP6 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103742"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workload Automation AE",
"vendor": "CA Technologies",
"versions": [
{
"status": "affected",
"version": "r11.3.5, r11.3.6 SP6 and earlier"
}
]
}
],
"datePublic": "2018-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-14T09:57:01",
"orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"shortName": "ca"
},
"references": [
{
"name": "1040605",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040605"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103742"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-03-29T00:00:00",
"ID": "CVE-2018-8953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workload Automation AE",
"version": {
"version_data": [
{
"version_value": "r11.3.5, r11.3.6 SP6 and earlier"
}
]
}
}
]
},
"vendor_name": "CA Technologies"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040605"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
},
{
"name": "103742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103742"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
"assignerShortName": "ca",
"cveId": "CVE-2018-8953",
"datePublished": "2018-04-11T17:00:00Z",
"dateReserved": "2018-03-23T00:00:00",
"dateUpdated": "2024-09-16T20:22:08.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3316 (GCVE-0-2015-3316)
Vulnerability from nvd – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3316",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3318 (GCVE-0-2015-3318)
Vulnerability from nvd – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3318",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3317 (GCVE-0-2015-3317)
Vulnerability from nvd – Published: 2015-06-17 10:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:56.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1032513",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032512"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032513"
},
{
"name": "75033",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75033"
},
{
"name": "1032512",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032512"
},
{
"name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3317",
"datePublished": "2015-06-17T10:00:00",
"dateReserved": "2015-04-16T00:00:00",
"dateUpdated": "2024-08-06T05:47:56.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}