CVE-2004-2436

3 documents3 sources

Severity

2.1LOW

EPSS

0.1%

top 76.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Common Services Broadcom Unicenter Network AND Systems Management Broadcom Unicenter Serviceplus Service Desk

Timeline

PublishedDec 31

Latest updateApr 29

Description

Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages3 packages

▶NVDbroadcom/common_services6 versions+5

▶NVDbroadcom/unicenter_serviceplus_service_desk6.0

▶NVDbroadcom/unicenter_network_and_systems_management3.0

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-j3vf-mm32-hh2j: Computer Associates Unicenter Common Services 3↗2022-04-29

▶

CVEList

CVE-2004-2436: Computer Associates Unicenter Common Services 3↗2005-08-20

▶