Multiple CA Service Management Products Unspecified Remote Command Execution Vulnerability

ID SSV:85990
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


Multiple CA Service Management products are prone to a vulnerability that attackers can leverage to execute arbitrary commands. This issue is the result of insufficient access restrictions.

Successful attacks can compromise the affected application and possibly the underlying computer.

The following applications are vulnerable:

Service Metric Analysis 11.0, 11.1, and 11.1 SP1
Service Level Management 3.5 

Submitting the following command through netcat or telnet is sufficient to exploit this issue:

[ipconfig /all]