Vulnerability Details CVE-2009-0043
The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.237
EPSS Ranking 95.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/07.aspx
- http://securityreason.com/securityalert/4887
- http://www.securityfocus.com/archive/1/499857/100/0/threaded
- http://www.securityfocus.com/bid/33161
- http://www.vupen.com/english/advisories/2009/0053
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=196148
- http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/07.aspx
- http://securityreason.com/securityalert/4887
- http://www.securityfocus.com/archive/1/499857/100/0/threaded
- http://www.securityfocus.com/bid/33161
- http://www.vupen.com/english/advisories/2009/0053
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=196148
Products affected by CVE-2009-0043
-
cpe:2.3:a:ca:service_level_management:3.5
-
cpe:2.3:a:ca:service_metric_analysis:r11.0
-
cpe:2.3:a:ca:service_metric_analysis:r11.1