Security Notice for CA Unified Infrastructure Management

buy Lyrica in thailand Overview :

Multiple issues was discovered in CA Unified Infrastructure Management

buy generic Lurasidone Affected Product(s) :

Vulnerability Details :

CVE ID :	CVE-2020-8012
	CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code.
CVE ID :	CVE-2020-8011
	CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service.
CVE ID :	CVE-2020-8010
	CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.

Solution :

CA Technologies published the following solutions to address the vulnerabilities:

robot_update patches 7.97HF8 (or above), 9.20HF9 (or above), and 9.20SHF9 (or above)

Note: UIM 8.5.1 users must upgrade robot to 7.97HF8.

Hotfixes are available at:

References

CVE-2020-8010 – CA UIM Probe Improper ACL Handling RCE

CVE-2020-8011 – CA UIM Improper Probe Handling NPD DoS

CVE-2020-8012 – CA UIM nimbuscontroller Buffer Overflow RCE

Contact us to get started

Description Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE)

Learn more

Description Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe,

Learn more

Description SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly,

Learn more