CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0043

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile21.03th
PublishedJan 8, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

The smmsnmpd service in CA Service Metric Analysis r11.0 through r11.1 SP1 and Service Level Management 3.5 does not properly restrict access, which allows remote attackers to execute arbitrary commands via unspecified vectors.

Affected Platforms (CPE)

πŸ“¦
Ca

Service Level Management

= 3.5
πŸ“¦
Ca

Service Metric Analysis

= r11.0
πŸ“¦
Ca

Service Metric Analysis

= r11.1
πŸ“¦
Ca

Service Metric Analysis

= r11.1

References & Advisories

πŸ”— http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/07.aspx
πŸ”— http://securityreason.com/securityalert/4887
πŸ”— http://www.securityfocus.com/archive/1/499857/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/33161
πŸ”— http://www.vupen.com/english/advisories/2009/0053
πŸ”— https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=196148
πŸ”— http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/07.aspx
πŸ”— http://securityreason.com/securityalert/4887

Related Vulnerabilities

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2020-361669.3

An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Windows, Storage Foundation through 6.1 on Windows, Storage Foun...

CVE-2009-00629.0

Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cis...

CVE-2019-17538.8

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to...