PT-2019-14814 · BMC · BMC Remedy ITSM Suite SmartIT +1
Published: 2019-09-26 · Updated: 2019-10-02 · CVE-2019-16755
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
BMC Remedy ITSM Suite DWP versions 3.x through 18.x
BMC Remedy ITSM Suite SmartIT versions 1.x through 19.02
Description
The issue allows unauthenticated remote attackers to execute commands on the operating system running the targeted application. It is due to unspecified vulnerabilities in both the DWP and SmartIT components.
Recommendations
For DWP versions 3.x through 18.x, update to a version that includes a fix for this issue.
For SmartIT versions 1.x through 19.02, update to a version that includes a fix for this issue.
As a temporary workaround, consider restricting access to the DWP and SmartIT components to minimize the risk of exploitation.
Fix
Deserialization of Untrusted Data
Weakness Enumeration
Related Identifiers
Affected Products
BMC Remedy ITSM Suite DWP
BMC Remedy ITSM Suite SmartIT