1. CVE-Search
  2. CVE-2015-3316
ID CVE-2015-3316
Summary CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*
    cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:*
  • cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*
    cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*
    cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*
    cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*
    cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*
    cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*
    cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*
    cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*
    cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*
    cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*
    cpe:2.3:a:ca:workload_automation_ae:r11:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*
    cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:*
  • cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
    cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
  • cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
    cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*
    cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 09-04-2021 - 18:50)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 75033
confirm http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx
sectrack
  • 1032512
  • 1032513
Last major update 09-04-2021 - 18:50
Published 17-06-2015 - 10:59
Last modified 09-04-2021 - 18:50
Back to Top