Published: 18/02/2020 Updated: 30/12/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
broadcom unified infrastructure management
broadcom unified infrastructure management 20.1

Vulnerability research on the CA UIM Nimbus protocol

CA Unified Infrastructure Management Research Research This repository will contain the majority of code written during my analysis of the Nimbus protocol Unfortunately during the madness of everything I lost a few snippets What originally spawned my curiosity to research this protocol was a recent pentest where we were able to get operating system information, installation d

CWE-476 https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-management.html https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832 https://nvd.nist.gov https://github.com/wetw0rk/CA-UIM-Nimbus-Research

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-8011

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect