CVE-2015-3316

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2015-3316
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx Vendor Advisory
http://www.securitytracker.com/id/1032512
http://www.securityfocus.com/bid/75033
http://www.securitytracker.com/id/1032513
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*
cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*
cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*
cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*
cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*
cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*
cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*
cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*
cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
Information

Published : 2015-06-17 03:59

Updated : 2021-04-09 11:50

NVD link : CVE-2015-3316

Mitre link : CVE-2015-3316

JSON object : View

CWE
NVD-CWE-noinfo
Advertisement

dedicated server usa
Products Affected

ca

  • virtual_assurance_for_infrastructure_managers
  • workload_automation_ae
  • client_automation
  • universal_job_management_agent
  • network_and_systems_management
  • nsm_job_management_option

ibm

  • aix

broadcom

  • network_and_systems_management

hp

  • hp-ux

linux

  • linux_kernel

oracle

  • solaris