4.6

CVE-2015-3318

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.

Data is provided by the National Vulnerability Database (NVD)
CaClient Automation Versionr12.5 Updatesp01
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaClient Automation Versionr12.8
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaClient Automation Versionr12.9
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaNetwork And Systems Management Versionr11.2
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaNsm Job Management Option Versionr11.0
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaNsm Job Management Option Versionr11.1
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaNsm Job Management Option Versionr11.2
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaUniversal Job Management Agent Version-
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaVirtual Assurance For Infrastructure Managers Version12.6
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaVirtual Assurance For Infrastructure Managers Version12.7
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaVirtual Assurance For Infrastructure Managers Version12.8
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaVirtual Assurance For Infrastructure Managers Version12.9
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaWorkload Automation Ae Versionr11.0
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaWorkload Automation Ae Versionr11.3
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaWorkload Automation Ae Versionr11.3.5
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
CaWorkload Automation Ae Versionr11.3.6
   HpHp-ux
   IbmAix
   LinuxLinux Kernel
   OracleSolaris Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.06% 0.183
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.