Unified Infrastructure Management
by Ca Technologies, A Broadcom Company
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5803 | Hig | 0.56 | 8.6 | 0.02 | Feb 13, 2017 | An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such… | ||
| CVE-2020-8012 | 0.10 | — | 0.78 | Feb 18, 2020 | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. | |||
| CVE-2020-28421 | 0.00 | — | 0.00 | Nov 23, 2020 | CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges. | |||
| CVE-2020-8011 | 0.00 | — | 0.02 | Feb 18, 2020 | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. |
- risk 0.56cvss 8.6epss 0.02
An issue was discovered in CA Unified Infrastructure Management Version 8.47 and earlier. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such…
- CVE-2020-8012Feb 18, 2020risk 0.10cvss —epss 0.78
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
- CVE-2020-28421Nov 23, 2020risk 0.00cvss —epss 0.00
CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.
- CVE-2020-8011Feb 18, 2020risk 0.00cvss —epss 0.02
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.