Lucene search

[email protected]CVE-2015-3316

HistoryJun 17, 2015 - 10:59 a.m.

CVE-2015-3316

2015-06-1710:59:01

[email protected]

web.nvd.nist.gov

cve-2015-3316

ca common services

local privilege escalation

unspecified environment variable

nvd

security vulnerability

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

Affected configurations

NVD

Node

broadcomnetwork_and_systems_managementMatchr11.1

caclient_automationMatchr12.5sp01

caclient_automationMatchr12.8

caclient_automationMatchr12.9

canetwork_and_systems_managementMatchr11.2

cansm_job_management_optionMatchr11.0

cansm_job_management_optionMatchr11.1

cansm_job_management_optionMatchr11.2

cauniversal_job_management_agentMatch-

cavirtual_assurance_for_infrastructure_managersMatch12.6

cavirtual_assurance_for_infrastructure_managersMatch12.7

cavirtual_assurance_for_infrastructure_managersMatch12.8

cavirtual_assurance_for_infrastructure_managersMatch12.9

caworkload_automation_aeMatchr11

caworkload_automation_aeMatchr11.3

caworkload_automation_aeMatchr11.3.5

caworkload_automation_aeMatchr11.3.6

AND

hphp-ux

ibmaix

linuxlinux_kernel

oraclesolarisMatch-

CPENameOperatorVersion
broadcom:network_and_systems_managementbroadcom network and systems managementeqr11.1
ca:client_automationca client automationeqr12.5
ca:client_automationca client automationeqr12.8
ca:client_automationca client automationeqr12.9
ca:network_and_systems_managementca network and systems managementeqr11.2
ca:nsm_job_management_optionca nsm job management optioneqr11.0
ca:nsm_job_management_optionca nsm job management optioneqr11.1
ca:nsm_job_management_optionca nsm job management optioneqr11.2
ca:universal_job_management_agentca universal job management agenteq-
ca:virtual_assurance_for_infrastructure_managersca virtual assurance for infrastructure managerseq12.6

CPE	Name	Operator	Version
broadcom:network_and_systems_management	broadcom network and systems management	eq	r11.1
ca:client_automation	ca client automation	eq	r12.5
ca:client_automation	ca client automation	eq	r12.8
ca:client_automation	ca client automation	eq	r12.9
ca:network_and_systems_management	ca network and systems management	eq	r11.2
ca:nsm_job_management_option	ca nsm job management option	eq	r11.0
ca:nsm_job_management_option	ca nsm job management option	eq	r11.1
ca:nsm_job_management_option	ca nsm job management option	eq	r11.2
ca:universal_job_management_agent	ca universal job management agent	eq	-
ca:virtual_assurance_for_infrastructure_managers	ca virtual assurance for infrastructure managers	eq	12.6

Rows per page:

1-10 of 171

References

www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx

www.securityfocus.com/bid/75033

www.securitytracker.com/id/1032512

www.securitytracker.com/id/1032513