VYPR

Unified Infrastructure Management

by Ca

CVEs (6)

  • CVE-2018-13821CriAug 30, 2018
    risk 0.64cvss 9.8epss 0.03

    A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

  • CVE-2016-5803HigFeb 13, 2017
    risk 0.56cvss 8.6epss 0.02

    An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such…

  • CVE-2018-13820HigAug 30, 2018
    risk 0.49cvss 7.5epss 0.01

    A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

  • CVE-2018-13819HigAug 30, 2018
    risk 0.49cvss 7.5epss 0.01

    A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

  • CVE-2016-9165HigMar 20, 2017
    risk 0.49cvss 7.5epss 0.04

    The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication…

  • CVE-2016-9164HigMar 7, 2017
    risk 0.49cvss 7.5epss 0.05

    Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via…