CVEs-PoC/2020/CVE-2020-8010.md

### [CVE-2020-8010](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8010)
![](https://img.shields.io/static/v1?label=Product&message=CA%20Unified%20Infrastructure%20Management%20(Nimsoft%2FUIM)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=improper%20ACL%20handling%20RCE&color=brighgreen)

### Description

CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system.

### POC

#### Reference
- http://packetstormsecurity.com/files/158693/CA-Unified-Infrastructure-Management-Nimsoft-7.80-Buffer-Overflow.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/wetw0rk/CA-UIM-Nimbus-Research