17 matches found
PT-2025-40103
Name of the Vulnerable Software and Affected Versions: DX Unified Infrastructure Management Nimsoft/UIM versions prior to 8.63. Description: The software contains an improper Access Control List (ACL) handling issue within the robot controller component. A remote attacker may be able to execute...
CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow within the CA Unified Infrastructure Management nimcontroller. The vulnerability occurs in the robot controller component when sending a specially crafted directorylist probe. Technically speaking the target host must also be vulnerable to...
CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow', 'Description' = %q This module exploits a buffer overflow within the...
Nimsoft nimcontroller 7.80 Remote Code Execution Exploit
/ Exploit Title : Sing About Me, I'm Dying Of Thirst Exploit Author : wetw0rk Exploit Version : Public POC CVE : CVE-2020-8012 Vendor Homepage : https://docops.ca.com/ca-unified-infrastructure-management/9-0-2/en Software Version : 7.80 Tested on : Windows 10 Pro x64, Windows Server 2012 R2...
CVE-2020-8010
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...
CVE-2020-8011
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot controller component. A remote attacker can crash the Controller service...
Input validation
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...
Buffer overflow
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot controller component. A remote attacker can execute arbitrary code...
CVE-2020-8012
CVE-2020-8012 affects the CA Unified Infrastructure Management Nimsoft/NIMsoft robot (controller) component. Connected sources confirm a remote buffer overflow in nimcontroller that allows arbitrary code execution, with exploitation demonstrated by a Metasploit module targeting Nimsoft 7.80 (and relate...
CVE-2020-8012
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot controller component. A remote attacker can execute arbitrary code...
CVE-2020-8010
CVE-2020-8010 affects CA Unified Infrastructure Management (Nimsoft/UIM) robot/controller components across 9.20 and earlier, and 20.1/20.3.x. The issue is improper ACL handling, enabling a remote attacker to execute commands and perform read/write on the target system. Public details in the conn...
CVE-2020-8011
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot controller component. A remote attacker can crash the Controller service...
CVE-2020-8011
The CVE-2020-8011 entry applies to CA Unified Infrastructure Management (Nimsoft/UIM) versions 20.1, 20.3.x, and 9.20 and earlier. The vulnerability is a null pointer dereference in the robot (controller) component, allowing a remote attacker to crash the Controller service. The connected documen...
CVE-2020-8010 Nimbus protocol allows unauth read/write/execute
CA Unified Infrastructure Management Nimsoft/UIM 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system. Recent assessments: busterb at August 04, 2020 5:44pm UTC reported:...
CVE-2016-9165
The CVE-2016-9165 issue affects CA Unified Infrastructure Management (UIM) and CA UIM Snap prior to version 8.5, via the get_sessions servlet. The vulnerability allows remote, unauthenticated attackers to obtain active session IDs, which can be used to hijack sessions and bypass authentication or...
Directory traversal
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2016-9164
CA Unified Infrastructure Management (UIM) diag.jsp contains a directory traversal vulnerability (CVE-2016-9164) that allows remote, unauthenticated attackers to read arbitrary files. Affected products include UIM 8.4 SP1 and earlier (and CA UIM Snap), with disclosures indicating the issue exists...