CVE-2016-9795
27.01.2017, 22:59
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.Enginsight
| Vendor | Product | Version |
|---|---|---|
| broadcom | ca_workload_automation_ae | 11.0 |
| broadcom | ca_workload_automation_ae | 11.3 |
| broadcom | ca_workload_automation_ae | 11.3.5 |
| broadcom | ca_workload_automation_ae | 11.3.6 |
| broadcom | client_automation | 12.8 |
| broadcom | client_automation | 12.9 |
| broadcom | client_automation | 14.0 |
| broadcom | systemedge | 5.8.2 |
| broadcom | systemedge | 5.9 |
| broadcom | systems_performance_for_infrastructure_managers | 12.8 |
| broadcom | systems_performance_for_infrastructure_managers | 12.9 |
| ca | universal_job_management_agent | 11.2 |
| ca | virtual_assurance_for_infrastructure_managers | 12.8 |
| ca | virtual_assurance_for_infrastructure_managers | 12.9 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References