CVSS: 9.8EPSS: 54%CPEs: 3EXPL: 3CVE-2020-8012 – CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2020-8012
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, y 9.20 e inferiores contienen una vulnerabilidad de desbordamiento de búfer en el componente robot (controlador). Un atacante remoto puede ejecutar código arbitrario Nimsoft nimcontroller version 7.80 suffers from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/48156 http://packetstormsecurity.com/files/156577/Nimsoft-nimcontroller-7.80-Remote-Code-Execution.html http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832 https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-ma • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8011
https://notcve.org/view.php?id=CVE-2020-8011
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x y 9.20 y posteriores contienen una vulnerabilidad de desviación de puntero nulo en el componente robot (controlador). Un atacante remoto puede bloquear el servicio del controlador • https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832 https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-management.html • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 1CVE-2020-8010 – CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow
https://notcve.org/view.php?id=CVE-2020-8010
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system. CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, y 9.20 y posteriores contienen una vulnerabilidad de manejo de ACL inadecuada en el componente robot (controlador). Un atacante remoto puede ejecutar comandos, leer o escribir en el sistema de destino • http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832 https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-management.html •