CVE-2006-2201 - OpenCVE

Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Broadcom	Resource Initialization Manager

Configuration 1 [-]

cpe:2.3:a:broadcom:resource_initialization_manager:*:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/19953	Patch Vendor Advisory
http://securitytracker.com/id?1016028	Patch
http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp
http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp	Vendor Advisory
http://www.osvdb.org/25234
http://www.securityfocus.com/archive/1/433246/100/0/threaded
http://www.securityfocus.com/bid/17840	Patch
http://www.vupen.com/english/advisories/2006/1656	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26234

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-05-04T16:00:00

Updated: 2018-10-18T14:57:01

Reserved: 2006-05-04T00:00:00

Link: CVE-2006-2201

JSON object: View

NVD Information

Status : Modified

Published: 2006-05-04T16:06:00.000

Modified: 2021-04-09T18:52:48.513

Link: CVE-2006-2201

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-02T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2006-1656", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"name": "25234", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25234"}, {"name": "1016028", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016028"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"name": "20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"name": "17840", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17840"}, {"name": "cairim-lmp-privilege-escalation(26234)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}, {"name": "19953", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19953"}, {"tags": ["x_refsource_MISC"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2201", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-1656", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"name": "25234", "refsource": "OSVDB", "url": "http://www.osvdb.org/25234"}, {"name": "1016028", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016028"}, {"name": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"name": "20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"name": "17840", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17840"}, {"name": "cairim-lmp-privilege-escalation(26234)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}, {"name": "19953", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19953"}, {"name": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp", "refsource": "MISC", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2201", "datePublished": "2006-05-04T16:00:00", "dateReserved": "2006-05-04T00:00:00", "dateUpdated": "2018-10-18T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:resource_initialization_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A7BAFEB-8178-41E2-80AB-692B264F16A2", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}], "evaluatorSolution": "This vulnerability affects all z/OS releases of this product prior to May 2, 2006.\r\nThis vulnerability is addressed in the 20060502 release of this product.", "id": "CVE-2006-2201", "lastModified": "2021-04-09T18:52:48.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-05-04T16:06:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19953"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016028"}, {"source": "cve@mitre.org", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25234"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/17840"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}