CVE-2015-3316

CA Common Services - Privilege Escalation

Title source: llm

Description

CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, allows local users to gain privileges via an unspecified environment variable.

References (4)

[Vendor Advisory] http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032512

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032513

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/75033

Scores

EPSS 0.0007

EPSS Percentile 20.8%

Classification

Status draft

Affected Products (17)

broadcom/network_and_systems_management

ca/client_automation

ca/client_automation

ca/client_automation

ca/network_and_systems_management

ca/nsm_job_management_option

ca/nsm_job_management_option

ca/nsm_job_management_option

ca/universal_job_management_agent

ca/virtual_assurance_for_infrastructure_managers

ca/virtual_assurance_for_infrastructure_managers

ca/virtual_assurance_for_infrastructure_managers

ca/virtual_assurance_for_infrastructure_managers

ca/workload_automation_ae

ca/workload_automation_ae

... and 2 more

Timeline

Published Jun 17, 2015

Tracked Since Feb 18, 2026