Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2015-06-17 10:59

Modified

2024-11-21 02:29

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

References

URL	Tags
cve@mitre.org	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/75033
cve@mitre.org	http://www.securitytracker.com/id/1032512
cve@mitre.org	http://www.securitytracker.com/id/1032513
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75033
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032512
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032513

Impacted products

Vendor	Product	Version
ca	client_automation	r12.5
ca	client_automation	r12.8
ca	client_automation	r12.9
ca	network_and_systems_management	r11.2
ca	nsm_job_management_option	r11.0
ca	nsm_job_management_option	r11.1
ca	nsm_job_management_option	r11.2
ca	universal_job_management_agent	-
ca	virtual_assurance_for_infrastructure_managers	12.6
ca	virtual_assurance_for_infrastructure_managers	12.7
ca	virtual_assurance_for_infrastructure_managers	12.8
ca	virtual_assurance_for_infrastructure_managers	12.9
ca	workload_automation_ae	r11.0
ca	workload_automation_ae	r11.3
ca	workload_automation_ae	r11.3.5
ca	workload_automation_ae	r11.3.6
hp	hp-ux	*
ibm	aix	*
linux	linux_kernel	*
oracle	solaris	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
              "matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA428A34-C776-405A-93CB-1446A10C56AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
    },
    {
      "lang": "es",
      "value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no valida correctamente una variable no especificada, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2015-3318",
  "lastModified": "2024-11-21T02:29:08.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-17T10:59:03.087",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032513"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-04-11 17:29

Modified

2024-11-21 04:14

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.

References

URL	Tags
vuln@ca.com	http://www.securityfocus.com/bid/103742	Third Party Advisory, VDB Entry
vuln@ca.com	http://www.securitytracker.com/id/1040605	Third Party Advisory, VDB Entry
vuln@ca.com	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103742	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1040605	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html	Vendor Advisory

Impacted products

Vendor	Product	Version
ca	workload_automation_ae	*
ca	workload_automation_ae	r11.3.6
ca	workload_automation_ae	r11.3.6
ca	workload_automation_ae	r11.3.6
ca	workload_automation_ae	r11.3.6
ca	workload_automation_ae	r11.3.6
ca	workload_automation_ae	r11.3.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FFEC523-E669-4952-87A7-72F156C37613",
              "versionEndIncluding": "r11.3.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "70B64F68-D841-4F9A-BF41-90E2C19C0277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "FF08B666-9951-4E8A-B297-7202F220F246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "E5BAEB0B-C443-4149-AC47-6BC7BC648379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "238C5D87-C85B-474F-97D7-843E529F1C22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "1461715D-EC38-4759-9552-D284AF7C9339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "E26BCF9E-1C65-443E-A99C-CE6AEA6C8863",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
    },
    {
      "lang": "es",
      "value": "CA Workload Automation AE en versiones anteriores a la r11.3.6 SP7 permite que los atacantes remotos realicen una inyecci\u00f3n SQL mediante una petici\u00f3n HTTP manipulada."
    }
  ],
  "id": "CVE-2018-8953",
  "lastModified": "2024-11-21T04:14:40.413",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-11T17:29:00.473",
  "references": [
    {
      "source": "vuln@ca.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103742"
    },
    {
      "source": "vuln@ca.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040605"
    },
    {
      "source": "vuln@ca.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040605"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
    }
  ],
  "sourceIdentifier": "vuln@ca.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-06-17 10:59

Modified

2024-11-21 02:29

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

References

URL	Tags
cve@mitre.org	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/75033
cve@mitre.org	http://www.securitytracker.com/id/1032512
cve@mitre.org	http://www.securitytracker.com/id/1032513
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75033
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032512
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032513

Impacted products

Vendor	Product	Version
broadcom	network_and_systems_management	r11.1
ca	client_automation	r12.5
ca	client_automation	r12.8
ca	client_automation	r12.9
ca	network_and_systems_management	r11.2
ca	nsm_job_management_option	r11.0
ca	nsm_job_management_option	r11.1
ca	nsm_job_management_option	r11.2
ca	universal_job_management_agent	-
ca	virtual_assurance_for_infrastructure_managers	12.6
ca	virtual_assurance_for_infrastructure_managers	12.7
ca	virtual_assurance_for_infrastructure_managers	12.8
ca	virtual_assurance_for_infrastructure_managers	12.9
ca	workload_automation_ae	r11
ca	workload_automation_ae	r11.3
ca	workload_automation_ae	r11.3.5
ca	workload_automation_ae	r11.3.6
hp	hp-ux	*
ibm	aix	*
linux	linux_kernel	*
oracle	solaris	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF64064-1C35-4888-BBC2-52F68EF9517F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
              "matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
    },
    {
      "lang": "es",
      "value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, permite a usuarios locales ganar privilegios a trav\u00e9s de una variable de entorno no especificada."
    }
  ],
  "id": "CVE-2015-3316",
  "lastModified": "2024-11-21T02:29:08.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-17T10:59:01.227",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032513"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2015-06-17 10:59

Modified

2024-11-21 02:29

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/75033
cve@mitre.org	http://www.securitytracker.com/id/1032512
cve@mitre.org	http://www.securitytracker.com/id/1032513
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75033
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032512
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032513

Impacted products

Vendor	Product	Version
ca	client_automation	r12.5
ca	client_automation	r12.8
ca	client_automation	r12.9
ca	network_and_systems_management	r11.2
ca	nsm_job_management_option	r11.0
ca	nsm_job_management_option	r11.1
ca	nsm_job_management_option	r11.2
ca	universal_job_management_agent	-
ca	virtual_assurance_for_infrastructure_managers	12.6
ca	virtual_assurance_for_infrastructure_managers	12.7
ca	virtual_assurance_for_infrastructure_managers	12.8
ca	virtual_assurance_for_infrastructure_managers	12.9
ca	workload_automation_ae	r11
ca	workload_automation_ae	r11.3
ca	workload_automation_ae	r11.3.5
ca	workload_automation_ae	r11.3.6
hp	hp-ux	*
ibm	aix	*
linux	linux_kernel	*
oracle	solaris	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*",
              "matchCriteriaId": "5A4F9C4A-8E42-4AE9-B0BB-1BB2C6463F5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0B8F40-7562-4FF4-BEB7-37F8A9CB6618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB5FAE9D-2ECB-41A0-8044-BD4B6A049941",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2478964-609B-4CFF-9C7B-C41DC08FE1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E932DCC-21A7-43CC-92AF-42FDF4F6EE04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1C1949-9C3A-4904-BF98-9CC99DAA4256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "843C2083-4332-4D84-8C87-5C9CF90F3729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89CBCC3A-5510-4ACC-A57C-42AFF4513997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99FE844-7F80-4466-9948-0EC2178A368F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CC9F38-5BD0-449B-BB44-6B5505B0A0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DD6651-7B25-4FA6-B579-932FB77BF3CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC386DBF-5C12-4710-B79F-D8FF7AA13115",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8B3B9-4DAC-43CE-AA4A-33F3AD3B8CA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "807CB824-9D95-46D7-81D5-C5186D476BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD5392E-D9ED-46E7-AA9E-D80DF9D2392A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCC05931-BF69-464C-BF3D-2BE53F00C5D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (tambi\u00e9n conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no realiza correctamente la comprobaci\u00f3n de l\u00edmites, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-3317",
  "lastModified": "2024-11-21T02:29:08.727",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-17T10:59:02.227",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1032513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/75033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032513"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2015-3318

Vulnerability from cvelistv5

Published

2015-06-17 10:00

Modified

2024-08-06 05:47

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1032513	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/75033	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1032512	vdb-entry, x_refsource_SECTRACK
	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:56.266Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032513",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032513"
          },
          {
            "name": "75033",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75033"
          },
          {
            "name": "1032512",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032512"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1032513",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032513"
        },
        {
          "name": "75033",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75033"
        },
        {
          "name": "1032512",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032512"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3318",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032513",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032513"
            },
            {
              "name": "75033",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75033"
            },
            {
              "name": "1032512",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032512"
            },
            {
              "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3318",
    "datePublished": "2015-06-17T10:00:00",
    "dateReserved": "2015-04-16T00:00:00",
    "dateUpdated": "2024-08-06T05:47:56.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-8953

Vulnerability from cvelistv5

Published

2018-04-11 17:00

Modified

2024-09-16 20:22

Severity ?

Summary

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1040605	vdb-entry, x_refsource_SECTRACK
	https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/103742	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

CA Technologies

Workload Automation AE

Version: r11.3.5, r11.3.6 SP6 and earlier

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:10:47.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040605",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040605"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
          },
          {
            "name": "103742",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103742"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Workload Automation AE",
          "vendor": "CA Technologies",
          "versions": [
            {
              "status": "affected",
              "version": "r11.3.5, r11.3.6 SP6 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2018-03-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "SQL Injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-14T09:57:01",
        "orgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
        "shortName": "ca"
      },
      "references": [
        {
          "name": "1040605",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040605"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
        },
        {
          "name": "103742",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103742"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vuln@ca.com",
          "DATE_PUBLIC": "2018-03-29T00:00:00",
          "ID": "CVE-2018-8953",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Workload Automation AE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "r11.3.5, r11.3.6 SP6 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "CA Technologies"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "SQL Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040605",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040605"
            },
            {
              "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html",
              "refsource": "CONFIRM",
              "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180329-01--security-notice-for-ca-workload-automation-ae.html"
            },
            {
              "name": "103742",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103742"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e291eae9-7c0a-46ac-ba7d-5251811f8b7f",
    "assignerShortName": "ca",
    "cveId": "CVE-2018-8953",
    "datePublished": "2018-04-11T17:00:00Z",
    "dateReserved": "2018-03-23T00:00:00",
    "dateUpdated": "2024-09-16T20:22:08.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-3317

Vulnerability from cvelistv5

Published

2015-06-17 10:00

Modified

2024-08-06 05:47

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1032513	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/75033	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1032512	vdb-entry, x_refsource_SECTRACK
	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:56.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032513",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032513"
          },
          {
            "name": "75033",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75033"
          },
          {
            "name": "1032512",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032512"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1032513",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032513"
        },
        {
          "name": "75033",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75033"
        },
        {
          "name": "1032512",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032512"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3317",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032513",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032513"
            },
            {
              "name": "75033",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75033"
            },
            {
              "name": "1032512",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032512"
            },
            {
              "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3317",
    "datePublished": "2015-06-17T10:00:00",
    "dateReserved": "2015-04-16T00:00:00",
    "dateUpdated": "2024-08-06T05:47:56.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-3316

Vulnerability from cvelistv5

Published

2015-06-17 10:00

Modified

2024-08-06 05:47

Severity ?

Summary

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1032513	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/75033	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1032512	vdb-entry, x_refsource_SECTRACK
	http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:47:56.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032513",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032513"
          },
          {
            "name": "75033",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75033"
          },
          {
            "name": "1032512",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032512"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-02T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1032513",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032513"
        },
        {
          "name": "75033",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75033"
        },
        {
          "name": "1032512",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032512"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-3316",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032513",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032513"
            },
            {
              "name": "75033",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75033"
            },
            {
              "name": "1032512",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032512"
            },
            {
              "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-3316",
    "datePublished": "2015-06-17T10:00:00",
    "dateReserved": "2015-04-16T00:00:00",
    "dateUpdated": "2024-08-06T05:47:56.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to ca - workload_automation_ae

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2015-3318

Vulnerability from cvelistv5

cve-2018-8953

Vulnerability from cvelistv5

cve-2015-3317

Vulnerability from cvelistv5

cve-2015-3316

Vulnerability from cvelistv5