Дата публикации: | 02.10.2012 |
Всего просмотров: | 942 |
Опасность: | Низкая |
Наличие исправления: | Да |
Количество уязвимостей: | 2 |
CVSSv2 рейтинг: | 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:O/RC:C) 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:O/RC:C) |
CVE ID: |
CVE-2012-0691 CVE-2012-0692 |
Вектор эксплуатации: | Локальная |
Воздействие: | Повышение привилегий |
CWE ID: | Нет данных |
Наличие эксплоита: | Нет данных |
Уязвимые продукты: |
CA Aion Business Rules Expert 11.x
CA ARCserve Backup 12.x CA ARCserve Backup 15.x CA ARCserve Backup 16.x CA ARCserve Central Applications 16.x CA ARCserve Central Host-Based VM Backup r16 CA ARCserve Central Virtual Standby r16 CA ARCServe D2D r15 CA ARCServe D2D r16 CA Automation Point r11 CA Client Automation r12 CA Common Services (CCS) 11.x CA ControlMinder 12.x CA ControlMinder for Virtual Environments 2.x CA Database Management 11.x CA Directory 8.x CA Easytrieve 11.x CA Fast Unload for Distributed Databases 11.x CA Gen r8 CA Identity Manager 12.x CA Insight Database Performance Manager 11.x CA IT Asset Manager (ITAM) r12 CA IT Client Manager 12.x CA IT Inventory Manager r12 CA NSM r11 CA Output Management Web Viewer r11 CA Plex r6 CA Repository for Distributed Systems r2 CA Service Accounting r12 CA Service Catalog r12 CA Service Desk 12.x CA Single Sign-On (SSO) r12 CA Single Sign-On 8.x CA Software Change Manager 12.x CA Software Compliance Manager r12 CA Storage Resource Manager 11.x CA Storage Resource Manager 12.x CA TSreorg for Distributed Databases 11.x CA Unicenter Asset Portfolio Management 11.x CA Unicenter Asset Portfolio Management r12 CA Workload Automation AE 4.x CA Workload Automation DE r11 CA XCOM Data Transport r11 |
Уязвимые версии: CA Aion Business Rules Expert 11.x CA ARCserve Backup 12.x CA ARCserve Backup 15.x CA ARCserve Backup 16.x CA ARCserve Central Applications 16.x CA ARCserve Central Host-Based VM Backup r16 CA ARCserve Central Virtual Standby r16 CA ARCServe D2D r15 CA ARCServe D2D r16 CA Automation Point r11 CA Client Automation r12 CA Common Services (CCS) 11.x CA ControlMinder 12.x CA ControlMinder for Virtual Environments 2.x CA Database Management 11.x CA Directory 8.x CA Easytrieve 11.x CA Fast Unload for Distributed Databases 11.x CA Gen r8 CA Identity Manager 12.x CA Insight Database Performance Manager 11.x CA IT Asset Manager (ITAM) r12 CA IT Client Manager 12.x CA IT Inventory Manager r12 CA NSM r11 CA Output Management Web Viewer r11 CA Plex r6 CA Repository for Distributed Systems r2 CA Service Accounting r12 CA Service Catalog r12 CA Service Desk 12.x CA Single Sign-On (SSO) r12 CA Single Sign-On 8.x CA Software Change Manager 12.x CA Software Compliance Manager r12 CA Storage Resource Manager 11.x CA Storage Resource Manager 12.x CA TSreorg for Distributed Databases 11.x CA Unicenter Asset Portfolio Management 11.x CA Unicenter Asset Portfolio Management r12 CA Workload Automation AE 4.x CA Workload Automation DE r11 CA XCOM Data Transport r11 Описание: 1. Уязвимость существует из-за небезопасного использования системных команд в компоненте CA Licensing. Локальный пользователь может повысить привилегии на целевой системе. 2. Уязвимость существует из-за ошибки в компоненте CA Licensing при обработке разрешений пользователей. Локальный пользователь может повысить привилегии на системе. URL производителя: http://www.ca.com/ Решение: Для устранения уязвимости установите продукт версии 1.90.03 с сайта производителя. |
|
Ссылки: | https://support.ca.com/irj/portal/anonymous/phpsupcontent |