Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Unified Infrastructure Management Security Vulnerabilities

cve
cve

CVE-2016-5803

An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can reso...

8.6CVSS

8.3AI Score

0.257EPSS

2017-02-13 09:59 PM
25
4
cve
cve

CVE-2016-9164

Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors.

7.5CVSS

7.5AI Score

0.021EPSS

2017-03-07 03:59 PM
22
4
cve
cve

CVE-2016-9165

The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges v...

7.5CVSS

7.9AI Score

0.023EPSS

2017-03-20 04:59 PM
17
4
cve
cve

CVE-2018-13819

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

7.5CVSS

7.4AI Score

0.001EPSS

2018-08-30 02:29 PM
23
cve
cve

CVE-2018-13820

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

7.5CVSS

7.4AI Score

0.001EPSS

2018-08-30 02:29 PM
16
cve
cve

CVE-2018-13821

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

9.8CVSS

9.3AI Score

0.004EPSS

2018-08-30 02:29 PM
20
cve
cve

CVE-2020-28421

CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.

7.8CVSS

7.4AI Score

0.0004EPSS

2020-11-23 04:15 PM
17
cve
cve

CVE-2020-8010

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.

9.8CVSS

9.3AI Score

0.071EPSS

2020-02-18 04:15 AM
127
cve
cve

CVE-2020-8011

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.

7.5CVSS

7.5AI Score

0.002EPSS

2020-02-18 04:15 AM
70
cve
cve

CVE-2020-8012

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.

9.8CVSS

9.8AI Score

0.534EPSS

2020-02-18 04:15 AM
156