CVE-2015-3317Improper Restriction of Operations within the Bounds of a Memory Buffer in Client Automation

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 81.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
CA Client AutomationCA Network AND Systems ManagementCA NSM JOB Management Option+2 more
Timeline
PublishedJun 17
Latest updateMay 13

Description

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified v

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages5 packages

NVDca/nsm_job_management_optionr11.0, r11.1, r11.2+2
NVDca/client_automationr12.5, r12.8, r12.9+2
NVDca/workload_automation_ae4 versions+3
NVDca/virtual_assurance4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-gv7w-8758-xj2v: CA Common Services, as used in CA Client Automation r122022-05-13
CVEList
CVE-2015-3317: CA Common Services, as used in CA Client Automation r122015-06-17
CVE-2015-3317 — CA Client Automation vulnerability | cvebase