CVE-2006-2201 - OpenCVE

Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Broadcom	Resource Initialization Manager

Configuration 1 [-]

cpe:2.3:a:broadcom:resource_initialization_manager:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/19953
http://securitytracker.com/id?1016028
http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp
http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp
http://www.osvdb.org/25234
http://www.securityfocus.com/archive/1/433246/100/0/threaded
http://www.securityfocus.com/bid/17840
http://www.vupen.com/english/advisories/2006/1656
https://exchange.xforce.ibmcloud.com/vulnerabilities/26234

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-05-04T16:00:00

Updated: 2024-08-07T17:43:28.308Z

Reserved: 2006-05-04T00:00:00

Link: CVE-2006-2201

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-05-04T16:06:00.000

Modified: 2021-04-09T18:52:48.513

Link: CVE-2006-2201

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-02T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2006-1656", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"name": "25234", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25234"}, {"name": "1016028", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016028"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"name": "20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"name": "17840", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17840"}, {"name": "cairim-lmp-privilege-escalation(26234)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}, {"name": "19953", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19953"}, {"tags": ["x_refsource_MISC"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2201", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-1656", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"name": "25234", "refsource": "OSVDB", "url": "http://www.osvdb.org/25234"}, {"name": "1016028", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016028"}, {"name": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"name": "20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"name": "17840", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17840"}, {"name": "cairim-lmp-privilege-escalation(26234)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}, {"name": "19953", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19953"}, {"name": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp", "refsource": "MISC", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:43:28.308Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2006-1656", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"name": "25234", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25234"}, {"name": "1016028", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016028"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"name": "20060508 CAID 34013 - CA Common Services CAIRIM on z/OS LMP SVC vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"name": "17840", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17840"}, {"name": "cairim-lmp-privilege-escalation(26234)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}, {"name": "19953", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19953"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2201", "datePublished": "2006-05-04T16:00:00", "dateReserved": "2006-05-04T00:00:00", "dateUpdated": "2024-08-07T17:43:28.308Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:resource_initialization_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A7BAFEB-8178-41E2-80AB-692B264F16A2", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain \"problem state program\" that uses SVC to gain access to supervisor state, key 0."}], "evaluatorSolution": "This vulnerability affects all z/OS releases of this product prior to May 2, 2006.\r\nThis vulnerability is addressed in the 20060502 release of this product.", "id": "CVE-2006-2201", "lastModified": "2021-04-09T18:52:48.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-05-04T16:06:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19953"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1016028"}, {"source": "cve@mitre.org", "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairim-affprods.asp"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/cairimsecurity-notice.asp"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25234"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/433246/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/17840"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1656"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26234"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}