CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1543

The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.757

EPSS Ranking 98.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2016-1543

Bmc » Bladelogic Server Automation Console » Version: 8.2.02

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.2.02
Bmc » Bladelogic Server Automation Console » Version: 8.2.03

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.2.03
Bmc » Bladelogic Server Automation Console » Version: 8.2.04

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.2.04
Bmc » Bladelogic Server Automation Console » Version: 8.3.00

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.3.00
Bmc » Bladelogic Server Automation Console » Version: 8.3.01

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.3.01
Bmc » Bladelogic Server Automation Console » Version: 8.3.02

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.3.02
Bmc » Bladelogic Server Automation Console » Version: 8.3.03

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.3.03
Bmc » Bladelogic Server Automation Console » Version: 8.5.00

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.5.00
Bmc » Bladelogic Server Automation Console » Version: 8.5.01

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.5.01
Bmc » Bladelogic Server Automation Console » Version: 8.6.00

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.6.00
Bmc » Bladelogic Server Automation Console » Version: 8.7.00

cpe:2.3:a:bmc:bladelogic_server_automation_console:8.7.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1543

Products

Pricing

Contact Us