cnvd - cnvd-2016-01960

CNVD-2016-01960

Vulnerability from cnvd - Published: 2016-03-31

Title

BMC Software BladeLogic Server Automation Suite RSCD Agent密码重置漏洞

Description

BMC Software BladeLogic Server Automation Suite是美国BMC Software公司的一套用于管理服务器和应用的生命周期的解决方案。基于Linux和Unix平台的BMC Software BladeLogic Server Automation Suite的RSCD Agent中存在密码重置漏洞。远程攻击者可利用该漏洞借助Remote Procedure Call(RPC) API重置密码。

Severity

高

Patch Name

BMC Software BladeLogic Server Automation Suite RSCD Agent密码重置漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution

Reference

https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution https://communities.bmc.com/blogs/application-security-news/2016/03/02/bmc-server-automation-bsa-vulnerabilities-in-unixlinux-rscd-agent-cve-ids-cve-2016-1542-cve-2016-1543 https://docs.bmc.com/docs/display/public/bsa87/Notification+of+critical+security+issue+in+BMC+Server+Automation

Impacted products

Name
BMC Software BladeLogic Server Automation Suite

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1543"
    }
  },
  "description": "BMC Software BladeLogic Server Automation Suite\u662f\u7f8e\u56fdBMC Software\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7ba1\u7406\u670d\u52a1\u5668\u548c\u5e94\u7528\u7684\u751f\u547d\u5468\u671f\u7684\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u57fa\u4e8eLinux\u548cUnix\u5e73\u53f0\u7684BMC Software BladeLogic Server Automation Suite\u7684RSCD Agent\u4e2d\u5b58\u5728\u5bc6\u7801\u91cd\u7f6e\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u501f\u52a9Remote Procedure Call(RPC) API\u91cd\u7f6e\u5bc6\u7801\u3002",
  "discovererName": "ERNW GmbH",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-01960",
  "openTime": "2016-03-31",
  "patchDescription": "BMC Software BladeLogic Server Automation Suite\u662f\u7f8e\u56fdBMC Software\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7ba1\u7406\u670d\u52a1\u5668\u548c\u5e94\u7528\u7684\u751f\u547d\u5468\u671f\u7684\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u57fa\u4e8eLinux\u548cUnix\u5e73\u53f0\u7684BMC Software BladeLogic Server Automation Suite\u7684RSCD Agent\u4e2d\u5b58\u5728\u5bc6\u7801\u91cd\u7f6e\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u501f\u52a9Remote Procedure Call(RPC) API\u91cd\u7f6e\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "BMC Software BladeLogic Server Automation Suite RSCD Agent\u5bc6\u7801\u91cd\u7f6e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "BMC Software BladeLogic Server Automation Suite"
  },
  "referenceLink": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution\thttps://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026amp;type=Solution\thttps://communities.bmc.com/blogs/application-security-news/2016/03/02/bmc-server-automation-bsa-vulnerabilities-in-unixlinux-rscd-agent-cve-ids-cve-2016-1542-cve-2016-1543\thttps://docs.bmc.com/docs/display/public/bsa87/Notification+of+critical+security+issue+in+BMC+Server+Automation",
  "serverity": "\u9ad8",
  "submitTime": "2016-03-30",
  "title": "BMC Software BladeLogic Server Automation Suite RSCD Agent\u5bc6\u7801\u91cd\u7f6e\u6f0f\u6d1e"
}

CVE-2016-1543 (GCVE-0-2016-1543)

Vulnerability from cvelistv5 – Published: 2016-06-13 14:00 – Updated: 2024-08-05 23:02

Summary

The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure.

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

Tags

	https://www.insinuator.net/2016/03/bmc-bladelogic…	x_refsource_MISC
	http://www.securityfocus.com/archive/1/537910/100…	mailing-listx_refsource_BUGTRAQ
	https://www.exploit-db.com/exploits/43902/	exploitx_refsource_EXPLOIT-DB
	https://www.exploit-db.com/exploits/43939/	exploitx_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/136462/BMC-S…	x_refsource_MISC
	https://selfservice.bmc.com/casemgmt/sc_Knowledge…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:02:11.537Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
          },
          {
            "name": "20160328 BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/537910/100/0/threaded"
          },
          {
            "name": "43902",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43902/"
          },
          {
            "name": "43939",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/43939/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
        },
        {
          "name": "20160328 BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/537910/100/0/threaded"
        },
        {
          "name": "43902",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43902/"
        },
        {
          "name": "43939",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/43939/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-1543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and reset arbitrary user passwords by sending an action packet to xmlrpc after an authorization failure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/",
              "refsource": "MISC",
              "url": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
            },
            {
              "name": "20160328 BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/537910/100/0/threaded"
            },
            {
              "name": "43902",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43902/"
            },
            {
              "name": "43939",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/43939/"
            },
            {
              "name": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/136462/BMC-Server-Automation-BSA-RSCD-Agent-Unauthorized-Password-Reset.html"
            },
            {
              "name": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution",
              "refsource": "CONFIRM",
              "url": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE\u0026type=Solution"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-1543",
    "datePublished": "2016-06-13T14:00:00",
    "dateReserved": "2016-01-07T00:00:00",
    "dateUpdated": "2024-08-05T23:02:11.537Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-01960

CVE-2016-1543 (GCVE-0-2016-1543)

Tags

Sightings

Nomenclature