CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9165

The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2016-9165

Ca » Unified Infrastructure Management » Version: 8.4.7

cpe:2.3:a:ca:unified_infrastructure_management:8.4.7
Ca » Unified Infrastructure Management » Version: 8.5

cpe:2.3:a:ca:unified_infrastructure_management:8.5
Ca » Unified Infrastructure Management » Version: 8.5.1

cpe:2.3:a:ca:unified_infrastructure_management:8.5.1
Ca » Unified Infrastructure Management Snap » Version: Any

cpe:2.3:a:ca:unified_infrastructure_management_snap:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9165

Products

Pricing

Contact Us