CVE-2016-1543

EUVD-2016-2638
The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.
Provider | Type | Base Score | Attack Vector | Attack Complexity | Privileges Required | Vector
NIST | Primary | 7.5 HIGH | NETWORK | LOW | NONE | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Percentile: 98%
Affected Products (NVD)
Vendor | Product | Version
bmc | bladelogic_server_automation_console | 8.2.02
bmc | bladelogic_server_automation_console | 8.2.03
bmc | bladelogic_server_automation_console | 8.2.04
bmc | bladelogic_server_automation_console | 8.3.00
bmc | bladelogic_server_automation_console | 8.3.01
bmc | bladelogic_server_automation_console | 8.3.02
bmc | bladelogic_server_automation_console | 8.3.03
bmc | bladelogic_server_automation_console | 8.5.00
bmc | bladelogic_server_automation_console | 8.5.01
bmc | bladelogic_server_automation_console | 8.6.00
bmc | bladelogic_server_automation_console | 8.7.00