Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ca unified infrastructure management vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-13819
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows malicious users to access sensitive information.
Ca Unified Infrastructure Management 8.5
Ca Unified Infrastructure Management 8.4.7
Ca Unified Infrastructure Management 8.5.1
7.5
CVSSv3
CVE-2018-13820
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows malicious users to access sensitive information.
Ca Unified Infrastructure Management 8.4.7
Ca Unified Infrastructure Management 8.5
Ca Unified Infrastructure Management 8.5.1
9.8
CVSSv3
CVE-2018-13821
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote malicious users to conduct a variety of attacks, including file reading/writing.
Ca Unified Infrastructure Management 8.5
Ca Unified Infrastructure Management 8.4.7
Ca Unified Infrastructure Management 8.5.1
7.5
CVSSv3
CVE-2016-9165
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) prior to 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote malicious users to obtain active session ids and consequently bypass authenti...
Ca Unified Infrastructure Management Snap
Ca Unified Infrastructure Management
1 Article
7.5
CVSSv3
CVE-2016-9164
Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and previous versions and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote malicious users to read arbitrary ...
Ca Unified Infrastructure Management
1 Article
8.6
CVSSv3
CVE-2016-5803
An issue exists in CA Unified Infrastructure Management Version 8.47 and previous versions. The Unified Infrastructure Management software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such ...
Ca Technologies Unified Infrastructure Management
1 Article
9.8
CVSSv3
CVE-2020-8010
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 Github repository
9.8
CVSSv3
CVE-2020-8012
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2020-8011
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.
Broadcom Unified Infrastructure Management
Broadcom Unified Infrastructure Management 20.1
1 Github repository
7.4
CVSSv3
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Tenable Tenable.sc
Tenable Nessus Network Monitor
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Oracle Mysql Workbench
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »