Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ca Subscribe
Filtered by product Unified Infrastructure Management
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-13821 1 Ca 1 Unified Infrastructure Management 2018-11-05 7.5 HIGH 9.8 CRITICAL
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
CVE-2018-13820 1 Ca 1 Unified Infrastructure Management 2018-10-19 5.0 MEDIUM 7.5 HIGH
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVE-2018-13819 1 Ca 1 Unified Infrastructure Management 2018-10-19 5.0 MEDIUM 7.5 HIGH
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVE-2016-9165 1 Ca 2 Unified Infrastructure Management, Unified Infrastructure Management Snap 2017-03-23 5.0 MEDIUM 7.5 HIGH
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors.
CVE-2016-9164 1 Ca 1 Unified Infrastructure Management 2017-03-09 5.0 MEDIUM 7.5 HIGH
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors.