Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2015-3317
HistoryJun 17, 2015 - 10:59 a.m.

CVE-2015-3317

2015-06-1710:59:02
CWE-119
mitre
web.nvd.nist.gov
27
ca common services
ca client automation
ca network and systems management
ca nsm job management option
systemedge
ca workload automation ae
cve-2015-3317
vulnerability
nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

Affected configurations

Nvd
Node
caclient_automationMatchr12.5sp01
OR
caclient_automationMatchr12.8
OR
caclient_automationMatchr12.9
OR
canetwork_and_systems_managementMatchr11.2
OR
cansm_job_management_optionMatchr11.0
OR
cansm_job_management_optionMatchr11.1
OR
cansm_job_management_optionMatchr11.2
OR
cauniversal_job_management_agentMatch-
OR
cavirtual_assurance_for_infrastructure_managersMatch12.6
OR
cavirtual_assurance_for_infrastructure_managersMatch12.7
OR
cavirtual_assurance_for_infrastructure_managersMatch12.8
OR
cavirtual_assurance_for_infrastructure_managersMatch12.9
OR
caworkload_automation_aeMatchr11
OR
caworkload_automation_aeMatchr11.3
OR
caworkload_automation_aeMatchr11.3.5
OR
caworkload_automation_aeMatchr11.3.6
AND
hphp-ux
OR
ibmaix
OR
linuxlinux_kernel
OR
oraclesolarisMatch-
VendorProductVersionCPE
caclient_automationr12.5cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*
caclient_automationr12.8cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*
caclient_automationr12.9cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*
canetwork_and_systems_managementr11.2cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*
cansm_job_management_optionr11.0cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*
cansm_job_management_optionr11.1cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*
cansm_job_management_optionr11.2cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*
cauniversal_job_management_agent-cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*
cavirtual_assurance_for_infrastructure_managers12.6cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*
cavirtual_assurance_for_infrastructure_managers12.7cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 201

Related

prion 1
nvd 1
cvelist 1
securityvulns 2
prion
prion
Design/Logic Flaw
2015-06-17 10:59:00
nvd
nvd
CVE-2015-3317
2015-06-17 10:59:02
cvelist
cvelist
CVE-2015-3317
2015-06-17 10:00:00
securityvulns
securityvulns
CA20150604-01: Security Notice for CA Common Services
2015-06-08 00:00:00
CA Common Services privilege escalation
2015-06-08 00:00:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2015-3317
prion1nvd1cvelist1securityvulns2