Lucene search

K
cve[email protected]CVE-2020-8011
HistoryFeb 18, 2020 - 4:15 a.m.

CVE-2020-8011

2020-02-1804:15:14
CWE-476
web.nvd.nist.gov
70
ca unified infrastructure management
nimsoft
uim
cve-2020-8011
null pointer
vulnerability
remote attacker

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.9%

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.

Affected configurations

NVD
Node
broadcomunified_infrastructure_managementRange9.20
OR
broadcomunified_infrastructure_managementRange20.3.020.4.0
OR
broadcomunified_infrastructure_managementMatch20.1

CNA Affected

[
  {
    "product": "CA Unified Infrastructure Management (Nimsoft/UIM)",
    "vendor": "CA Technologies - A Broadcom Company",
    "versions": [
      {
        "status": "affected",
        "version": "9.20 and below"
      }
    ]
  }
]

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.9%

Related for CVE-2020-8011