CVE-2015-3317

Опубликовано: 17 июн. 2015

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*

cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*

cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*

cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*

cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*

cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*

cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*

cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*

cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*

cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*

cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*

cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*

cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*

cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*

cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*

cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00059

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-gv7w-8758-xj2v

github

больше 3 лет назад