Design/Logic Flaw

2015-06-1710:59:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

CPENameOperatorVersion
client_automationeqr12.5 sp1
client_automationeq12.8.114
client_automationeq12.9.114
network_and_systems_managementeq11.2.114
nsm_job_management_optioneq11.0.114
nsm_job_management_optioneq11.1.114
nsm_job_management_optioneq11.2.114
virtual_assurance_for_infrastructure_managerseq12.6
virtual_assurance_for_infrastructure_managerseq12.7
virtual_assurance_for_infrastructure_managerseq12.8

Name	Operator	Version
client_automation	eq	r12.5 sp1
client_automation	eq	12.8.114
client_automation	eq	12.9.114
network_and_systems_management	eq	11.2.114
nsm_job_management_option	eq	11.0.114
nsm_job_management_option	eq	11.1.114
nsm_job_management_option	eq	11.2.114
virtual_assurance_for_infrastructure_managers	eq	12.6
virtual_assurance_for_infrastructure_managers	eq	12.7
virtual_assurance_for_infrastructure_managers	eq	12.8

Rows per page:

1-10 of 151

References

www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx

www.securityfocus.com/bid/75033

www.securitytracker.com/id/1032512

www.securitytracker.com/id/1032513