1. CVE-Search
  2. CVE-2006-2201
ID CVE-2006-2201
Summary Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0. This vulnerability affects all z/OS releases of this product prior to May 2, 2006. This vulnerability is addressed in the 20060502 release of this product.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:resource_initialization_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:resource_initialization_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:resource_initialization_manager:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:resource_initialization_manager:1.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 09-04-2021 - 18:52)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:S/C:P/I:P/A:P
refmap via4
bid 17840
bugtraq 20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability
confirm http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp
misc http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp
osvdb 25234
sectrack 1016028
secunia 19953
vupen ADV-2006-1656
xf cairim-lmp-privilege-escalation(26234)
Last major update 09-04-2021 - 18:52
Published 04-05-2006 - 16:06
Last modified 09-04-2021 - 18:52
Back to Top