CVE-2020-8010

Name of the Vulnerable Software and Affected Versions CA Unified Infrastructure Management (Nimsoft/UIM) versions 9.20 and below CA Unified Infrastructure Management (Nimsoft/UIM) version 20.1 CA Unified Infrastructure Management (Nimsoft/UIM) versions 20.3.x

Description The issue is related to improper ACL handling in the robot (controller) component. A remote attacker can exploit this to execute commands, read from, or write to the target system.

Recommendations For CA Unified Infrastructure Management (Nimsoft/UIM) versions 9.20 and below, update to a version above 9.20 to resolve the issue. For CA Unified Infrastructure Management (Nimsoft/UIM) version 20.1, update to a version other than 20.1 to resolve the issue. For CA Unified Infrastructure Management (Nimsoft/UIM) versions 20.3.x, update to a version outside of the 20.3.x range to resolve the issue.