CVE-2019-16755
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. Affected DWP versions: versions: 3.x to 18.x, all versions, service packs, and patches are affected by this vulnerability. Affected SmartIT versions: 1.x, 2.0, 18.05, 18.08, and 19.02, all versions, service packs, and patches are affected by this vulnerability.
BMC Remedy ITSM Suite es propenso a vulnerabilidades no especificadas en los componentes DWP y SmartIT, puede permitir a los atacantes remotos realizar la ejecución de comandos remotos previamente autenticados en el sistema operativo que ejecuta la aplicación de destino. Versiones de DWP afectadas: versiones: 3.xa 18.x, todas las versiones, service packs y parches están afectados por esta vulnerabilidad. Versiones de SmartIT afectadas: 1.x, 2.0, 18.05, 18.08 y 19.02, todas las versiones, service packs y parches están afectados por esta vulnerabilidad.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-09-24 CVE Reserved
- 2019-09-26 CVE Published
- 2023-11-05 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-502: Deserialization of Untrusted Data
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Bmc Search vendor "Bmc" | Myit Digital Workplace Search vendor "Bmc" for product "Myit Digital Workplace" | < 18.08.00 Search vendor "Bmc" for product "Myit Digital Workplace" and version " < 18.08.00" | - |
Affected
| ||||||