CVE-2020-8012 – CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2020-8012

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, y 9.20 e inferiores contienen una vulnerabilidad de desbordamiento de búfer en el componente robot (controlador). Un atacante remoto puede ejecutar código arbitrario Nimsoft nimcontroller version 7.80 suffers from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/48156 http://packetstormsecurity.com/files/156577/Nimsoft-nimcontroller-7.80-Remote-Code-Execution.html http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832 https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-ma • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •