CVE-2015-3317

EPSS 0.06%
Published 17.06.2015 10:59:02
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Ca ≫ Client Automation Versionr12.5 Updatesp01

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Client Automation Versionr12.8

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Client Automation Versionr12.9

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Network And Systems Management Versionr11.2

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Nsm Job Management Option Versionr11.0

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Nsm Job Management Option Versionr11.1

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Nsm Job Management Option Versionr11.2

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Universal Job Management Agent Version-

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Virtual Assurance For Infrastructure Managers Version12.6

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Virtual Assurance For Infrastructure Managers Version12.7

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Virtual Assurance For Infrastructure Managers Version12.8

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Virtual Assurance For Infrastructure Managers Version12.9

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Workload Automation Ae Versionr11

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Workload Automation Ae Versionr11.3

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Workload Automation Ae Versionr11.3.5

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Ca ≫ Workload Automation Ae Versionr11.3.6

   Hp ≫ Hp-ux
   Ibm ≫ Aix
   Linux ≫ Linux Kernel
   Oracle ≫ Solaris Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.183

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx

Vendor Advisory

http://www.securityfocus.com/bid/75033

http://www.securitytracker.com/id/1032512

http://www.securitytracker.com/id/1032513

https://nvd.nist.gov/vuln/detail/CVE-2015-3317

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-3317

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-3317

EUVD