Vulnerability Description
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ca | Service Desk Management | 14.1 |
| Ca | Service Desk Manager | 12.9 |
| Ibm | Aix | All versions |
| Linux | Linux Kernel | All versions |
| Microsoft | Windows | All versions |
| Oracle | Solaris | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95366Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037583Third Party AdvisoryVDB Entry
- https://www.ca.com/us/services-support/ca-support/ca-support-online/product-contPatchVendor Advisory
- http://www.securityfocus.com/bid/95366Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037583Third Party AdvisoryVDB Entry
- https://www.ca.com/us/services-support/ca-support/ca-support-online/product-contPatchVendor Advisory
FAQ
What is CVE-2016-10086?
CVE-2016-10086 is a vulnerability with a CVSS score of 8.1 (HIGH). RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions a...
How severe is CVE-2016-10086?
CVE-2016-10086 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-10086?
Check the references section above for vendor advisories and patch information. Affected products include: Ca Service Desk Management, Ca Service Desk Manager, Ibm Aix, Linux Linux Kernel, Microsoft Windows.