NotCVE - vendor:"Ca"

Page 7 of 142 results (0.005 seconds)

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

CVE-2016-9164 – CA Unified Infrastructure Management diag Path Traversal Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2016-9164

Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en el archivo diag.jsp en CA Unified Infrastructure Management (anteriormente CA Nimsoft Monitor) 8.4 SP1 y versiones anteriores y CA Unified Infrastructure Management Snap (anteriormente CA Nimsoft Monitor Snap) permite a atacantes remotos leer archivos arbitrarios a través de vectores no especificados. This vulnerability allows remote attackers to disclose sensitive information from vulnerable installations of CA Unified Infrastructure Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the diag.jsp servlet. The servlet is vulnerable to directory traversal and can be used to exfiltrate sensitive system files from the system. • http://packetstormsecurity.com/files/139661/CA-Unified-Infrastructure-Management-Bypass-Traversal-Disclosure.html http://seclists.org/fulldisclosure/2016/Nov/55 http://www.securityfocus.com/bid/94257 http://www.zerodayinitiative.com/advisories/ZDI-16-607 https://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/ca20161109-01-security-notice-for-ca-unified-infrastructure-mgmt.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-6151

https://notcve.org/view.php?id=CVE-2016-6151

CA eHealth 6.2.x allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. CA eHealth 6.2.x permite a usuarios remotos autenticados provocar una denegación de servicio o posiblemente ejecutar comandos arbitrarios a través de vectores no especificados. • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx http://www.securityfocus.com/bid/92107 http://www.securitytracker.com/id/1036433 •

CVSS: 9.0EPSS: 0%CPEs: 18EXPL: 0

CVE-2016-6152

https://notcve.org/view.php?id=CVE-2016-6152

CA eHealth 6.2.x and 6.3.x before 6.3.2.13 allows remote authenticated users to cause a denial of service or possibly execute arbitrary commands via unspecified vectors. CA eHealth 6.2.x y 6.3.x en versiones anteriores a 6.3.2.13 permite a usuarios remotos autenticados provocar una denegación de servicio o posiblemente ejecutar comandos arbitrarios a través de vectores no especificados. • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160721-01-security-notice-for-ca-ehealth.aspx http://www.securityfocus.com/bid/92107 http://www.securitytracker.com/id/1036433 •

CVSS: 4.6EPSS: 0%CPEs: 21EXPL: 0

CVE-2015-3316

https://notcve.org/view.php?id=CVE-2015-3316

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable. CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (también conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, permite a usuarios locales ganar privilegios a través de una variable de entorno no especificada. • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx http://www.securityfocus.com/bid/75033 http://www.securitytracker.com/id/1032512 http://www.securitytracker.com/id/1032513 •

CVSS: 4.6EPSS: 0%CPEs: 20EXPL: 0

CVE-2015-3317

https://notcve.org/view.php?id=CVE-2015-3317

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors. CA Common Services, utilizado en CA Client Automation r12.5 SP01, r12.8, y r12.9; CA Network and Systems Management r11.0, r11.1, y r11.2; CA NSM Job Management Option r11.0, r11.1, y r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (también conocido como SystemEDGE) 12.6, 12.7, 12.8, y 12.9; y CA Workload Automation AE r11, r11.3, r11.3.5, y r11.3.6 en UNIX, no realiza correctamente la comprobación de límites, lo que permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx http://www.securityfocus.com/bid/75033 http://www.securitytracker.com/id/1032512 http://www.securitytracker.com/id/1032513 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1...5 6 7 8 9