CVE-2016-5063 BMC Server Automation Windows RSCD Agent vulnerability

漏洞类别:Local

漏洞等级:

漏洞信息

BladeLogic Server Automation from BMC allows quick and secure solution to configure, patch and maintain physical, virtual, and cloud servers.

The Windows RSCD Agent is affected by a authorization bypass vulnerability which allows remote systems to connect to the agent because the “users” file does not implement access restriction properly.

Affected Version:
BMC Server Automation, prior to version 8.6 SP1 Patch 2
BMC Server Automation, prior to version 8.7 Patch 3

QID Detection Logic:
The QID uses registry keys “HKLM\SYSTEM\CurrentControlSet\services\RSCDsvc” value “ImagePath” and “HKLM\\Software\\BladeLogic\\RSCD\\Agent” value “AgentHome” to check for the vulnerable version with the help of file “RSCDsvc.exe”.

漏洞危害

Successful exploitation of the vulnerability allows remote systems to connect to the Windows RSCD Agent because the “users” file does not implement access restriction properly.

解决方案

For more information, customers are advised to refer the vendor advisory

Patch:
Following are links for downloading patches to fix the vulnerabilities:

BMC Server Automation: Windows

Leave a Reply