Vulnerability Details CVE-2016-2349
Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/95075
- http://www.securitytracker.com/id/1037529
- https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000l6kbCAA&type=Solution
- http://www.securityfocus.com/bid/95075
- http://www.securitytracker.com/id/1037529
- https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000l6kbCAA&type=Solution
Products affected by CVE-2016-2349
-
cpe:2.3:a:bmc:remedy_action_request_system:8.1
-
cpe:2.3:a:bmc:remedy_action_request_system:9.0
-
cpe:2.3:a:bmc:remedy_action_request_system:9.1