Lucene search
K

118 matches found

CVE
CVE
added 2019/02/06 12:0 a.m.40 views

CVE-2019-6504

The CVE-2019-6504 refers to a Cross-Site Scripting (XSS) vulnerability in the Automic Web Interface (AWI) of CA Automic Workload Automation (formerly UC4), due to insufficient output sanitization. Affected are CA Automic Workload Automation versions 12.0 through 12.2, with the issue enabling pers...

6.1CVSS5.9AI score0.02008EPSS
Exploits1References7Affected Software1
Packet Storm
Packet Storm
added 2019/01/24 12:0 a.m.88 views

CA AWI 12.0 / 12.1 / 12.2 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Cross-site scripting product: CA Automic Workload Automation Web Interface AWI formerly Automic Automation Engine, UC4 vulnerable version: 12.0, 12.1, 12.2 fixed version:...

0.3AI score0.02008EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:48 p.m.10 views

Security Bulletin: SetGID and SetUID programs in IBM Workload Scheduler can be exploited to obtain privilege escalation (CVE-2018-1386)

Summary SetGID and SetUID programs in IBM Workload Scheduler can be exploited to obtain root privileges Vulnerability Details Some programs in IBM Workload Scheduler are executed with elevated privileges SetGID and SetUID programs and have been compiled to search for libraries in an insecure...

7.8CVSS0.8AI score0.00288EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2018/04/12 12:0 a.m.3 views

CA Workload Automation AE SQL Injection Vulnerability

CA Workload Automation AE is a workload automation tool from CA. CA Workload Automation AE suffers from a SQL injection vulnerability. A remote attacker could exploit this vulnerability via a specially crafted HTTP request to conduct a SQL injection attack...

8.8CVSS8AI score0.02767EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/12 12:0 a.m.5 views

CA Workload Control Center Arbitrary Code Execution Vulnerability

CA Workload Control Center is the GUI for CA Workload Automation AE. An arbitrary code execution vulnerability exists in CA Workload Control Center. A remote attacker could exploit this vulnerability to execute arbitrary code via a specially crafted HTTP request...

9.8CVSS8.2AI score0.07314EPSS
Exploits0References1
NVD
NVD
added 2018/04/11 5:29 p.m.13 views

CVE-2018-8953

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request...

8.8CVSS8.9AI score0.02767EPSS
Exploits0References3
OSV
OSV
added 2018/04/11 5:29 p.m.2 views

CVE-2018-8953

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request...

8.8CVSS5.9AI score0.02767EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2018/04/11 5:29 p.m.3 views

CVE-2018-8953

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request...

8.8CVSS5.9AI score0.02767EPSS
Exploits0References4
Prion
Prion
added 2018/04/11 5:29 p.m.14 views

Sql injection

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request...

6.5CVSS8.9AI score0.02767EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/11 5:0 p.m.15 views

CVE-2018-8953

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request...

9AI score0.02767EPSS
Exploits0References3
CVE
CVE
added 2018/04/11 5:0 p.m.45 views

CVE-2018-8953

CA Workload Automation AE is vulnerable to SQL injection via a crafted HTTP request when running versions prior to r11.3.6 SP7. The issue is documented by the CVE-2018-8953 entry and corroborated by multiple connected sources (NVD/CNVD references), which indicate remote attacker access without us...

8.8CVSS8.8AI score0.02767EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/03/14 12:29 a.m.5 views

CVE-2018-1386

IBM Tivoli Workload Automation for AIX IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4 contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References2
NVD
NVD
added 2018/03/14 12:29 a.m.15 views

CVE-2018-1386

IBM Tivoli Workload Automation for AIX IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4 contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208...

7.8CVSS7.4AI score0.00288EPSS
Exploits0References2
Prion
Prion
added 2018/03/14 12:29 a.m.18 views

Improper access control

IBM Tivoli Workload Automation for AIX IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4 contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208...

6.9CVSS7.4AI score0.00288EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/03/14 12:0 a.m.15 views

CVE-2018-1386

IBM Tivoli Workload Automation for AIX IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4 contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208...

7.4CVSS7.5AI score0.00288EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/03/14 12:0 a.m.5 views

PT-2018-12226 · Ibm · Ibm Tivoli Workload Automation

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Workload Automation for AIX versions 8.6 through 9.4 Description: The issue is related to directories with improper permissions, which could allow a local user with special access to gain root privileges. Recommendations: For...

7.8CVSS7.3AI score0.00288EPSS
Exploits0References3
CVE
CVE
added 2018/03/14 12:0 a.m.47 views

CVE-2018-1386

IBM Tivoli Workload Scheduler (AIX) is affected by CVE-2018-1386 through user-space directory permission issues in SetGID/SetUID programs, enabling local privilege escalation by placing a malicious library in insecure directories. Affected products/versions: IBM Workload Scheduler Distributed 8.6...

7.8CVSS7.5AI score0.00288EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/03/16 12:0 a.m.3 views

Multiple Cisco Products Arbitrary File Read Vulnerabilities

Cisco Tidal Enterprise Scheduler and Cisco Workload Automation Client Manager Server are both products of Cisco, Inc.Cisco Tidal Enterprise Scheduler is a cross-platform enterprise Cisco Tidal Enterprise Scheduler is a cross-platform enterprise scheduling application. An arbitrary file read...

8.6CVSS6.9AI score0.01962EPSS
Exploits0References1
Prion
Prion
added 2017/03/15 8:59 p.m.20 views

Input validation

A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit...

5CVSS8.3AI score0.01962EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/03/15 8:59 p.m.3 views

CVE-2017-3846

A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit...

8.6CVSS5.8AI score0.01962EPSS
Exploits0References3
Rows per page
Query Builder