CVE-2016-9164
Summary
| CVE | CVE-2016-9164 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-07 15:59:00 UTC |
| Updated | 2017-03-09 18:32:00 UTC |
| Description | Directory traversal vulnerability in diag.jsp file in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) 8.4 SP1 and earlier and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to read arbitrary files via unspecified vectors. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ca | Unified Infrastructure Management | All | sp1 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CA Unified Infrastructure Management Directory Traversal And Security Bypass Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CA Unified Infrastructure Management Bypass / Traversal / Disclosure ≈ Packet Storm | MISC | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| Zero Day Initiative | MISC | www.zerodayinitiative.com | Third Party Advisory, VDB Entry |
| Full Disclosure: CA20161109-01: Security Notice for CA Unified Infrastructure Management | FULLDISC | seclists.org | Third Party Advisory, VDB Entry |
| CA20161109-01: Security Notice for CA Unified Infrastructure Management | CONFIRM | www.ca.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.