PatchSiren

CVE-2016-9795 Broadcom CVE debrief

CVE-2016-9795 is a local privilege-escalation issue in casrvc, a CA Common Services component used by several Broadcom/CA management products. According to the CVE record, insufficient validation can let a local user modify arbitrary files and ultimately gain root privileges. Although the attack requires local access, the impact is severe because it can lead to full system compromise on affected hosts.

Vendor: Broadcom
Product: CVE-2016-9795
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-27
Original CVE updated: 2026-05-13
Advisory published: 2017-01-27
Advisory updated: 2026-05-13

Who should care

Administrators, endpoint/infra management teams, and security operators running CA Client Automation, CA SystemEDGE, CA Systems Performance for Infrastructure Managers, CA Universal Job Management Agent, CA Virtual Assurance for Infrastructure Managers, or CA Workload Automation AE on AIX, HP-UX, Linux, or Solaris.

Technical summary

NVD scores CVE-2016-9795 with the CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H and classifies it as CWE-20 (Improper Input Validation). The record describes the vulnerable casrvc program in CA Common Services as allowing local users to modify arbitrary files, which can be leveraged to escalate privileges to root. The affected scope spans the multiple CA product lines and Unix-like platforms listed in the CVE record.

Defensive priority

High

Recommended defensive actions

  • Inventory all CA products and versions named in the CVE record across Unix-like hosts.
  • Apply Broadcom/CA's security notice guidance for casrvc as soon as possible and upgrade to remediated builds where available.
  • Restrict unnecessary local access on affected systems, especially accounts that can interact with the casrvc environment.
  • Review file-integrity and audit logs for unexpected changes to privileged or application-managed files.
  • Validate that patched systems no longer match the vulnerable product/version combinations listed in the CVE record.

Evidence notes

The CVE was published on 2017-01-27T22:59:02.100Z; the later NVD modified timestamp (2026-05-13T00:24:29.033Z) reflects record maintenance, not original disclosure. The supplied record links a Broadcom/CA vendor advisory plus third-party SecurityFocus and SecurityTracker references. NVD lists affected CPEs for CA Client Automation, SystemEDGE, Systems Performance for Infrastructure Managers, Universal Job Management Agent, Virtual Assurance for Infrastructure Managers, and Workload Automation AE.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-01-27, with the vendor advisory referenced by the record; the NVD entry was later modified on 2026-05-13.