CVE-2016-9795

Published: Jan 27, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.

Affected (14)

Products: Broadcom: Ca Workload Automation Ae, Client Automation, Systemedge, Systems Performance For Infrastructure Managers · Ca: Universal Job Management Agent, Virtual Assurance For Infrastructure Managers

Broadcom

4 products

Ca Workload Automation Ae

Client Automation

Systemedge

Systems Performance For Infrastructure Managers

2 products

Universal Job Management Agent

Virtual Assurance For Infrastructure Managers

Configuration A

14 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Broadcom Ca Workload Automation Ae	Version 11.0
Broadcom Ca Workload Automation Ae	Version 11.3.5
Broadcom Ca Workload Automation Ae	Version 11.3.6
Broadcom Ca Workload Automation Ae	Version 11.3
Broadcom Client Automation	Version 12.8
Broadcom Client Automation	Version 12.9
Broadcom Client Automation	Version 14.0
Broadcom Systemedge	Version 5.8.2
Broadcom Systemedge	Version 5.9
Broadcom Systems Performance For Infrastructure Managers	Version 12.8
Broadcom Systems Performance For Infrastructure Managers	Version 12.9
Ca Universal Job Management Agent	Version 11.2
Ca Virtual Assurance For Infrastructure Managers	Version 12.8
Ca Virtual Assurance For Infrastructure Managers	Version 12.9