Ca: >> Unified Infrastructure Management >> 8.4.7 Security Vulnerabilities
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-08-30
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-08-30
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
CVSS Score
9.8
EPSS Score
0.05
Published
2018-08-30
The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.009
Published
2017-03-20