CVE-2020-8010
Published 2020-02-18
Priority P2 (77) · critical 9.8 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: public exploit available
EPSS 48.67% (98.7th percentile)
CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | unified_infrastructure_management | <= 9.20 | — |
| broadcom | unified_infrastructure_management | — | — |
| broadcom | unified_infrastructure_management | 20.3.0 – 20.3.3 | — |
| ca_technologies_a_broadcom_company | ca_unified_infrastructure_management | — | — |
Detection & IOCs (extracted from sources)
- Monitor for unauthenticated remote commands, reads, or writes reaching the CA UIM robot (controller) component; the advisory describes these as the direct consequence of the improper ACL handling.
- Detect attempts to send a specially crafted 'directory_list' probe to the CA UIM nimcontroller component; the public Metasploit module chains the CVE-2020-8010 ACL bypass with this probe to trigger a buffer overflow.
- CVE-2020-8010 affects CA UIM 20.1, 20.3.x, and 9.20 and below, while the Metasploit module specifically targets Nimsoft 7.80; make sure detection coverage spans all affected version ranges rather than only the version the module was written against.
- The buffer overflow (tracked as a separate CVE) is only reachable when the target is also vulnerable to CVE-2020-8010; both conditions must hold for the Metasploit chain to achieve remote code execution, so an unauthenticated controller command from an unexpected source is the earlier and more general signal.
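The two IOCs above can be turned into a simple heuristic over recorded traffic. The following is an added example by the editor, not code from this page, from Broadcom, or from the Metasploit module. It assumes facts the page does not state: that the robot controller listens on 48000/tcp, that its protocol messages begin with the ASCII banner "nimbus/1.0", and that legitimate controller commands originate only from the site's own UIM hubs. The payload-size threshold and the sample flow records are constructed for illustration.

```python
"""Heuristic detection of CVE-2020-8010 exploitation attempts against a
CA UIM / Nimsoft robot controller, run over constructed flow records.

Editor's added example. Assumptions not stated on the page: controller on
48000/tcp, messages start with the banner "nimbus/1.0", and only the site's
own UIM hubs legitimately send controller commands.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Iterable, List

CONTROLLER_PORT = 48000             # assumed default robot controller port
NIMBUS_BANNER = b"nimbus/1.0"       # assumed protocol banner prefix
OVERFLOW_PROBE = b"directory_list"  # probe named in the page's IOC bullets
LARGE_PROBE_BYTES = 512             # arbitrary heuristic for an oversized argument


@dataclass(frozen=True)
class Flow:
    """One client-to-controller message as a sensor might record it."""
    src: str
    dst_port: int
    payload: bytes


@dataclass(frozen=True)
class Alert:
    src: str
    reason: str


def is_controller_traffic(flow: Flow) -> bool:
    """True when the flow looks like robot protocol traffic to the controller."""
    return flow.dst_port == CONTROLLER_PORT and flow.payload.startswith(NIMBUS_BANNER)


def detect(flows: Iterable[Flow], trusted_hubs: Iterable[str]) -> List[Alert]:
    """Return alerts for controller traffic matching the page's two IOCs.

    1. Any controller command from a host outside the hub allowlist: with a
       working ACL such a request should be refused, so controller traffic
       from elsewhere is the ACL-bypass signal.
    2. A 'directory_list' probe that is either unauthenticated (the chain the
       Metasploit module uses) or abnormally large (the overflow trigger).
    """
    nets = [ip_network(n) for n in trusted_hubs]
    alerts: List[Alert] = []
    for flow in flows:
        if not is_controller_traffic(flow):
            continue
        trusted = any(ip_address(flow.src) in net for net in nets)
        if not trusted:
            alerts.append(Alert(flow.src, "controller command from host outside hub allowlist "
                                          "(possible CVE-2020-8010 ACL bypass)"))
        if OVERFLOW_PROBE in flow.payload:
            if not trusted:
                alerts.append(Alert(flow.src, "unauthenticated directory_list probe "
                                              "(ACL bypass chained with overflow probe)"))
            elif len(flow.payload) > LARGE_PROBE_BYTES:
                alerts.append(Alert(flow.src, f"oversized directory_list payload "
                                              f"({len(flow.payload)} bytes) from trusted hub"))
    return alerts


# Constructed sample traffic; byte layouts are illustrative, not a protocol spec.
TRUSTED_HUBS = ["10.0.0.0/24"]
SAMPLE_FLOWS = [
    # Routine probe from the site's own hub: should stay silent.
    Flow("10.0.0.5", CONTROLLER_PORT,
         NIMBUS_BANNER + b" 40 20\r\ncmd\x00directory_list\x00directory\x00/opt\x00"),
    # Internet host sending a long directory_list probe: bypass plus overflow attempt.
    Flow("203.0.113.7", CONTROLLER_PORT,
         NIMBUS_BANNER + b" 40 900\r\ncmd\x00directory_list\x00directory\x00" + b"A" * 900),
    # Same host issuing a different command: bypass signal only.
    Flow("203.0.113.7", CONTROLLER_PORT,
         NIMBUS_BANNER + b" 30 10\r\ncmd\x00get_info\x00"),
    # Banner on an unrelated port: not controller traffic, ignored.
    Flow("203.0.113.7", 443, NIMBUS_BANNER + b" 1 1\r\n"),
    # Trusted hub but oversized probe: still worth a look.
    Flow("10.0.0.9", CONTROLLER_PORT,
         NIMBUS_BANNER + b" 40 700\r\ncmd\x00directory_list\x00directory\x00" + b"B" * 700),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_FLOWS, TRUSTED_HUBS):
        print(f"{alert.src}: {alert.reason}")
```

Run against the constructed flows, the hub's routine probe produces nothing, the internet host produces three alerts (one bypass alert per command plus the probe alert), and the trusted hub's oversized probe produces one. The allowlist is the important part: because the vulnerability is an ACL failure on the controller, the network-level question "who is allowed to talk to this controller at all" is the check that catches exploitation regardless of which probe follows.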
CVSS provenance
NVD v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v2.0 · 10.0 HIGH · AV:N/AC:L/Au:N/C:C/I:C/A:C
No detection rules found.
No writeups or analysis indexed.
- http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html
- https://support.broadcom.com/external/content/security-advisories/CA20200205-01-Security-Notice-for-CA-Unified-Infrastructure-Management/7832
- https://techdocs.broadcom.com/us/product-content/status/announcement-documents/2019/ca20200205-01-security-notice-for-ca-unified-infrastructure-management.html