PT-2016-4853 · Bmc · Bmc Bladelogic Server Automation

Olga Yanushkevich

Published

2016-06-13

Updated

2018-10-09

CVE-2016-1542

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions BMC BladeLogic Server Automation (BSA) versions 8.2.x through 8.7.x

Description The issue allows remote attackers to bypass authorization and enumerate users by sending an action packet to the xmlrpc endpoint after an authorization failure. This occurs due to a flaw in the RPC API in the RSCD agent on Linux and UNIX systems.

Recommendations For versions 8.2.x through 8.7.x, consider restricting access to the xmlrpc endpoint to minimize the risk of exploitation until a patch is available.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2016-1542

Affected Products

Bmc Bladelogic Server Automation

PT-2016-4853 · Bmc · Bmc Bladelogic Server Automation

CVE-2016-1542

Weakness Enumeration

Related Identifiers

Affected Products

References · 10