CVE-2016-5063

Опубликовано: 02 мая 2017

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Средний

Описание

The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors.

Ссылки

http://www.securityfocus.com/bid/93948
Third Party Advisory
VDB Entry
https://docs.bmc.com/docs/display/bsa87/Notification+of+Windows+RSCD+Agent+vulnerability+in+BMC+Server+Automation+CVE-2016-5063
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/43902/
https://www.exploit-db.com/exploits/43934/
http://www.securityfocus.com/bid/93948
Third Party Advisory
VDB Entry
https://docs.bmc.com/docs/display/bsa87/Notification+of+Windows+RSCD+Agent+vulnerability+in+BMC+Server+Automation+CVE-2016-5063
Mitigation
Vendor Advisory
https://www.exploit-db.com/exploits/43902/
https://www.exploit-db.com/exploits/43934/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bmc:server_automation:*:sp1_patch_1:*:*:*:*:*:*

Версия до 8.6 (включая)

cpe:2.3:a:bmc:server_automation:*:patch_2:*:*:*:*:*:*

Версия до 8.7 (включая)

EPSS

Процентиль: 95%

0.16862

Средний

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-285

Связанные уязвимости

GHSA-qq52-r46m-jccq