CVE-2016-9795
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.
El programa casrvc en CA Common Services, tal como se usa en CA Client Automation 12.8, 12.9, y 14.0; CA SystemEDGE 5.8.2 y 5.9; CA Systems Performance for Infrastructure Managers 12.8 y 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 y 12.9; CA Workload Automation AE 11, 11.3, 11.3.5 y 11.3.6 en AIX, HP-UX, Linux y Solaris permite a usuarios locales modificar archivos arbitrarios y consecuentemente obtener privilegios de root a través de vectores relacionados con validación insuficiente.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-02 CVE Reserved
- 2017-01-27 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/540062/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/95819 | Third Party Advisory | |
| http://www.securitytracker.com/id/1037730 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.0 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.0" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.0 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.0 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.0" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.0 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.0" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.5 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.5" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.5 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.5" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.5 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.5" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.5 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.5" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.6 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.6" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.6 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.6" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.6 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.6" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Ca Workload Automation Ae Search vendor "Broadcom" for product "Ca Workload Automation Ae" | 11.3.6 Search vendor "Broadcom" for product "Ca Workload Automation Ae" and version "11.3.6" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.8 Search vendor "Broadcom" for product "Client Automation" and version "12.8" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.8 Search vendor "Broadcom" for product "Client Automation" and version "12.8" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.8 Search vendor "Broadcom" for product "Client Automation" and version "12.8" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.8 Search vendor "Broadcom" for product "Client Automation" and version "12.8" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.9 Search vendor "Broadcom" for product "Client Automation" and version "12.9" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.9 Search vendor "Broadcom" for product "Client Automation" and version "12.9" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.9 Search vendor "Broadcom" for product "Client Automation" and version "12.9" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 12.9 Search vendor "Broadcom" for product "Client Automation" and version "12.9" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 14.0 Search vendor "Broadcom" for product "Client Automation" and version "14.0" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 14.0 Search vendor "Broadcom" for product "Client Automation" and version "14.0" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 14.0 Search vendor "Broadcom" for product "Client Automation" and version "14.0" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Client Automation Search vendor "Broadcom" for product "Client Automation" | 14.0 Search vendor "Broadcom" for product "Client Automation" and version "14.0" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.8.2 Search vendor "Broadcom" for product "Systemedge" and version "5.8.2" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.8.2 Search vendor "Broadcom" for product "Systemedge" and version "5.8.2" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.8.2 Search vendor "Broadcom" for product "Systemedge" and version "5.8.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.8.2 Search vendor "Broadcom" for product "Systemedge" and version "5.8.2" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.9 Search vendor "Broadcom" for product "Systemedge" and version "5.9" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.9 Search vendor "Broadcom" for product "Systemedge" and version "5.9" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.9 Search vendor "Broadcom" for product "Systemedge" and version "5.9" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systemedge Search vendor "Broadcom" for product "Systemedge" | 5.9 Search vendor "Broadcom" for product "Systemedge" and version "5.9" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.8 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.8 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.8 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.8 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.9 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.9 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.9 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Broadcom Search vendor "Broadcom" | Systems Performance For Infrastructure Managers Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" | 12.9 Search vendor "Broadcom" for product "Systems Performance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Ca Search vendor "Ca" | Universal Job Management Agent Search vendor "Ca" for product "Universal Job Management Agent" | 11.2 Search vendor "Ca" for product "Universal Job Management Agent" and version "11.2" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Ca Search vendor "Ca" | Universal Job Management Agent Search vendor "Ca" for product "Universal Job Management Agent" | 11.2 Search vendor "Ca" for product "Universal Job Management Agent" and version "11.2" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Ca Search vendor "Ca" | Universal Job Management Agent Search vendor "Ca" for product "Universal Job Management Agent" | 11.2 Search vendor "Ca" for product "Universal Job Management Agent" and version "11.2" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Ca Search vendor "Ca" | Universal Job Management Agent Search vendor "Ca" for product "Universal Job Management Agent" | 11.2 Search vendor "Ca" for product "Universal Job Management Agent" and version "11.2" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.8 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.8 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.8 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.8 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.8" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.9 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.9 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Ibm Search vendor "Ibm" | Aix Search vendor "Ibm" for product "Aix" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.9 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | * | - |
Safe
|
| Ca Search vendor "Ca" | Virtual Assurance For Infrastructure Managers Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" | 12.9 Search vendor "Ca" for product "Virtual Assurance For Infrastructure Managers" and version "12.9" | - |
Affected
| in | Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | * | - |
Safe
|