Lucene search
K
CaUnified Infrastructure Management

5 matches found

CVE
CVE
added 2017/03/20 4:0 p.m.51 views

CVE-2016-9165

The CVE-2016-9165 issue affects CA Unified Infrastructure Management (UIM) and CA UIM Snap prior to version 8.5, via the get_sessions servlet. The vulnerability allows remote, unauthenticated attackers to obtain active session IDs, which can be used to hijack sessions and bypass authentication or...

7.5CVSS7.9AI score0.04338EPSS
CVE
CVE
added 2017/03/07 3:0 p.m.50 views

CVE-2016-9164

CA Unified Infrastructure Management (UIM) diag.jsp contains a directory traversal vulnerability (CVE-2016-9164) that allows remote, unauthenticated attackers to read arbitrary files. Affected products include UIM 8.4 SP1 and earlier (and CA UIM Snap), with disclosures indicating the issue exists...

7.5CVSS7.5AI score0.05395EPSS
CVE
CVE
added 2018/08/30 2:0 p.m.47 views

CVE-2018-13819

CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 contain a hardcoded secret key that could allow an attacker to access sensitive information. This CVE (CVE-2018-13819) is corroborated by the NVD entry and the CA/Tenable advisories, which also reference additional vulnerab...

7.5CVSS7.4AI score0.01383EPSS
CVE
CVE
added 2018/08/30 2:0 p.m.43 views

CVE-2018-13821

CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 are affected by CVE-2018-13821 due to a lack of authentication. This allows remote attackers to perform a range of actions, including reading and writing files. The vulnerability is documented in multiple sources (NVD entry...

9.8CVSS9.3AI score0.02681EPSS
CVE
CVE
added 2018/08/30 2:0 p.m.41 views

CVE-2018-13820

CVE-2018-13820 affects CA Unified Infrastructure Management (UIM) versions 8.5.1, 8.5, and 8.4.7 due to a hardcoded passphrase, which could allow an attacker to access sensitive information. The vulnerability is described across multiple sources (NVD/NVD-derived, CNVD, CNVD-related listings), wit...

7.5CVSS7.4AI score0.01383EPSS