CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9453
https://notcve.org/view.php?id=CVE-2017-9453
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass. BMC Server Automation anterior a 8.9.01 parche 1 permite la ejecución del comando Process Spawner debido a la omisión de autenticación. • https://docs.bmc.com/docs/serverautomation/2002/notification-of-critical-security-issue-in-bmc-server-automation-cve-2017-9453-1020706453.html • CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 2%CPEs: 2EXPL: 2CVE-2016-5063 – BMC BladeLogic 8.3.00.64 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2016-5063
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors. El agente RSCD en BMC Server Automation en la versión 8.6 SP1 Parche 2 y 8.7 anterior al Parche 3 en Windows, podría permitir a atacantes remotos evitar las comprobaciones de autorización y realizar una llamada RPC a través de vectores no especificados. BMC BladeLogic RSCD Agent version 8.3.00.64 suffers from a windows users disclosure vulnerability. • https://www.exploit-db.com/exploits/43902 https://www.exploit-db.com/exploits/43934 http://www.securityfocus.com/bid/93948 https://docs.bmc.com/docs/display/bsa87/Notification+of+Windows+RSCD+Agent+vulnerability+in+BMC+Server+Automation+CVE-2016-5063 • CWE-285: Improper Authorization •