CVE-1999-1355

Name of the Vulnerable Software and Affected Versions: BMC Patrol component with Compaq Insight Management Agent versions 4.23 and earlier BMC Patrol component with Management Agents for Servers versions 4.40 and earlier

Description: The issue arises when the BMC Patrol component is installed with specific versions of Compaq Insight Management Agent or Management Agents for Servers. It creates a PFCUser account that has a default password and potentially dangerous privileges.

Recommendations: For Compaq Insight Management Agent versions 4.23 and earlier, update the Management Agent to a version later than 4.23 to resolve the issue. For Management Agents for Servers versions 4.40 and earlier, update the Management Agent to a version later than 4.40 to resolve the issue. As a temporary workaround, consider changing the default password of the PFCUser account to a secure password until a patch is available.