RSS   Vulnerabilities for
'Bladelogic server automation console'
   RSS

2016-12-13
 
CVE-2016-4322

CWE-287
 

 
BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.

 
2016-06-13
 
CVE-2016-1543

CWE-284
 

 
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.

 
 
CVE-2016-1542

CWE-20
 

 
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.

 

 >>> Vendor: BMC 24 Products
Patrol agent
Software control-m agent
Remedy action request system
Performance manager
Patrol perform agent
Capacity management essentials
Performance analysis for servers
Performance analyzer for servers
Performance assurance for servers
Performance assurance for virtual servers
Performance predictor for servers
Identity management suite
Service desk express
Bmc track-it!
Bladelogic server automation console
Patrol
Server automation
Footprints service core
Track-it!
Remedy action request system server
Remedy mid-tier
Remedy smart reporting
Myit digital workplace
Remedy ar system server


Copyright 2024, cxsecurity.com

 

Back to Top