CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17043
https://notcve.org/view.php?id=CVE-2019-17043
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker to elevate his/her privileges to the ones of the "patrol" user by specially crafting a shared library .so file that will be loaded during execution. Se detectó un problema en BMC Patrol Agent versión 9.0.10i. Los permisos de ejecución débiles en el binario SUID best1collect.exe podrían permitir a un atacante elevar sus privilegios a los del usuario "patrol" al diseñar especialmente un archivo .so de biblioteca compartida que se cargará durante la ejecución. • https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation https://twitter.com/whira_wr • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-17044
https://notcve.org/view.php?id=CVE-2019-17044
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with "patrol" privileges to elevate his/her privileges to the ones of the "root" user by specially crafting a shared library .so file that will be loaded during execution. Se descubrió un problema en BMC Patrol Agent versión 9.0.10i. Los permisos de ejecución débiles en el binario SUID de PatrolAgent podrían permitir a un atacante con privilegios de "patrol" elevar sus privilegios a los del usuario "root" al diseñar especialmente un archivo .so de biblioteca compartida que se cargará durante la ejecución. • https://docs.bmc.com/docs/PATROLAgent/11302/notification-of-action-required-by-patrol-agent-users-to-apply-the-security-patch-898411558.html https://github.com/blogresponder/BMC-Patrol-Agent-local-root-privilege-escalation https://twitter.com/whira_wr • CWE-276: Incorrect Default Permissions •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-16755
https://notcve.org/view.php?id=CVE-2019-16755
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions: 3.x to 18.x, all versions, service packs, and patches are affected by this vulnerability. Affected SmartIT versions: 1.x, 2.0, 18.05, 18.08, and 19.02, all versions, service packs, and patches are affected by this vulnerability. BMC Remedy ITSM Suite es propenso a vulnerabilidades no especificadas en los componentes DWP y SmartIT, puede permitir a los atacantes remotos realizar la ejecución de comandos remotos previamente autenticados en el sistema operativo que ejecuta la aplicación de destino. Versiones de DWP afectadas: versiones: 3.xa 18.x, todas las versiones, service packs y parches están afectados por esta vulnerabilidad. • https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA21O000000gnYQSAY&type=Solution • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2019-1010147
https://notcve.org/view.php?id=CVE-2019-1010147
Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: Incorrect Access Control - Privileges Escalation. The impact is: Victim attacked and access admin functionality through their browser and control browser. The component is: MIAdminStyles.i4. The attack vector is: Victims are typically lured to a web site under the attacker's control; the XSS vulnerability on the target domain is silently exploited without the victim's knowledge. The fixed version is: 7.4 and later. • https://drive.google.com/open?id=1sk5IklziyEggeWpWE4Wyk9xqa30CjNpS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-8352 – IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-8352
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network. Por defecto, BMC PATROL Agent hasta el 11.3.01 usa una Clave de Cifrado estática para cifrar / descifrar las credenciales de usuario enviadas a través de la red a los servicios administrados de PATROL Agent. Si un atacante pudiera capturar este tráfico de red, podría descifrar estas credenciales y usarlas para ejecutar código o escalar privilegios en la red. • https://www.exploit-db.com/exploits/46969 https://www.securifera.com/advisories/CVE-2019-8352 • CWE-798: Use of Hard-coded Credentials •