cbcvebase.
CVE-2009-0043
published 2009-01-08

CVE-2009-0043: The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows…

PriorityP272critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
46.45%
98.7th percentile
The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors.

Affected

3 ranges
VendorProductVersion rangeFixed in
caservice_level_management
caservice_metric_analysis
caservice_metric_analysis

Detection & IOCsextracted from sources · hover to see the quote

command[ipconfig /all]
processsmmsnmpd
  • Monitor for unauthenticated remote connections to the smmsnmpd service via netcat or telnet delivering bracket-wrapped command strings (e.g. [<command>])
  • Alert on arbitrary OS command execution spawned as child processes of smmsnmpd, indicating successful exploitation of the insufficient access restriction vulnerability
  • ·Affected versions are CA Service Metric Analysis r11.0, r11.1, r11.1 SP1 and Service Level Management 3.5 only; patched or newer versions are not affected
  • ·The exploit command syntax uses bracket-wrapped payloads (e.g. [ipconfig /all]); detection rules should account for this specific framing as the command delivery format
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.