CVE-2018-13821

CRITICAL

CA Unified Infrastructure Management 8.4.7, 8.5, 8.5.1 - Unauthenticated Improper Authentication

Title source: llm

Description

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105199

Mitigation, Patch, Vendor Advisory x_refsource_confirm

https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-02--security-notice-for-ca-unified-infrastructure-mgt.html

Scores

CVSS v3 9.8

EPSS 0.0268

EPSS Percentile 83.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (3)

ca/unified_infrastructure_management 8.4.7

ca/unified_infrastructure_management 8.5

ca/unified_infrastructure_management 8.5.1

Published Aug 30, 2018

Tracked Since Feb 18, 2026