CVE-2015-3318

CVSS V2 Medium 4.6 CVSS V3 None
Description
CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly validate an unspecified variable, which allows local users to gain privileges via unknown vectors.
Overview
  • CVE ID
  • CVE-2015-3318
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2015-06-17T10:59:03
  • Last Modified Date
  • 2021-04-09T18:50:38
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:ca:client_automation:r12.5:sp01:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:client_automation:r12.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:client_automation:r12.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:network_and_systems_management:r11.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:nsm_job_management_option:r11.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:nsm_job_management_option:r11.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:nsm_job_management_option:r11.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:universal_job_management_agent:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:virtual_assurance_for_infrastructure_managers:12.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:workload_automation_ae:r11.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:workload_automation_ae:r11.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:workload_automation_ae:r11.3.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ca:workload_automation_ae:r11.3.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:L/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • LOCAL
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 4.6
  • Severity
  • MEDIUM
  • Exploitability Score
  • 3.9
  • Impact Score
  • 6.4
History
Created Old Value New Value Data Type Notes
2022-05-10 07:16:19 Added to TrackCVE
2022-12-02 05:07:31 2015-06-17T10:59Z 2015-06-17T10:59:03 CVE Published Date updated
2022-12-02 05:07:31 2021-04-09T18:50:38 CVE Modified Date updated
2022-12-02 05:07:31 Modified Vulnerability Status updated