Remote Code Execution Vulnerability in BMC Server Automation Agent on Windows
CVE-2016-5063

5.3MEDIUM

Key Information:

Vendor: Bmc
Status: Server Automation
Vendor: CVE Published:; 2 May 2017

🔔 Create Bmc Vulnerability Alert

What is CVE-2016-5063?

The RSCD agent within BMC Server Automation has a vulnerability that may allow remote attackers to bypass authorization checks and execute RPC calls on Windows systems. This flaw could lead to unauthorized control or manipulation, compromising system integrity and security. It is crucial for users to update their software to the latest patches to mitigate this risk.

References

http://www.securityfocus.com/bid/93948

vdb-entryx_refsource_BID

https://www.exploit-db.com/exploits/43934/

exploitx_refsource_EXPLOIT-DB

https://docs.bmc.com/docs/display/bsa87/Notification+of+W...

x_refsource_CONFIRM

EPSS Score

16% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2017
Vulnerability Reserved
May 26, 2016

.

CVE-2016-5063 : Remote Code Execution Vulnerability in BMC Server Automation Agent on Windows