Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-9795

Опубликовано: 27 янв. 2017
Источник: nvd
CVSS3: 7.8
CVSS2: 7.2
EPSS Низкий

Описание

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:broadcom:ca_workload_automation_ae:11.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:ca_workload_automation_ae:11.3:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:ca_workload_automation_ae:11.3.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:ca_workload_automation_ae:11.3.6:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:client_automation:12.8:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:client_automation:12.9:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:client_automation:14.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:systemedge:5.8.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:systemedge:5.9:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:systems_performance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:systems_performance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*
cpe:2.3:a:ca:universal_job_management_agent:11.2:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*

EPSS

Процентиль: 22%
0.0007
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

msrc логотип

CVE-2016-9795

CVSS3: 7.8
msrc
около 4 лет назад

Описание отсутствует

github логотип

GHSA-9cjv-vp2f-72cv

CVSS3: 7.8
github
около 3 лет назад

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

EPSS

Процентиль: 22%
0.0007
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-20