CVE-2016-1542

Published: 13/06/2016 Updated: 09/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 511
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote malicious users to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.

Vulnerable Product

bmc bladelogic server automation console 8.3.02

bmc bladelogic server automation console 8.7.00

bmc bladelogic server automation console 8.3.00

bmc bladelogic server automation console 8.2.02

bmc bladelogic server automation console 8.6.00

bmc bladelogic server automation console 8.5.01

bmc bladelogic server automation console 8.2.03

bmc bladelogic server automation console 8.3.01

bmc bladelogic server automation console 8.2.04

bmc bladelogic server automation console 8.5.00

bmc bladelogic server automation console 8.3.03

Exploits

BMC BladeLogic version 8.3.00.64 suffers from a remote command execution vulnerability ...

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    class MetasploitModule < Msf::Exploit::Remote
      Rank = ExcellentRanking
      include Exploit::Remote::Tcp
      include Msf::Exploit::CmdStager
      include Msf::Exploit::Powershell
      def initialize(info = {})
        sup ...

    # Exploit Title: BMC BladeLogic RSCD agent remote exec - XMLRPC version
    # Filename: BMC_rexec.py
    # Github: github.com/bao7uo/bmc_bladelogic
    # Date: 2018-01-24
    # Exploit Author: Paul Taylor / Foregenix Ltd
    # Website: www.foregenix.com/blog
    # Version: BMC RSCD agent 8.3.00.64
    # CVE: CVE-2016-1542 (BMC-2015-0010), CVE-2016-1543 (BMC-201 ...

Github Repositories

Remix of BMC RSCD Scripts

bmc_rscd_rce: Remix of BMC RSCD Scripts. Nicky Bloor brought you the POC: github.com/NickstaDB/PoC/blob/master/BMC_RSCD_RCE/BMC-RSCD-RCE-CVE-2016-1542.py. Bao7uo put together some additional scripts: github.com/bao7uo/bmc_bladelogic. However those scripts only work for older Python versions. For Python3, a package or two need to be changed to get it to work. I've

BMC Bladelogic RSCD exploits including remote code execution - CVE-2016-1542, CVE-2016-1543, CVE-2016-5063

BMC Bladelogic RSCD remote exploits for Linux and Windows: Change passwords, List users and Remote code execution. Exploiting vulnerabilities in BMC BladeLogic RSCD agent: CVE-2016-1542 (BMC-2015-0010), CVE-2016-1543 (BMC-2015-0011), CVE-2016-5063. Published on exploit-db: BMC_rexec.py www.exploit-db.com/exploits/43902/ BMC_winUsers.py www.exploit-db.com/exploit

A rebuilt version of the exploit for CVE-2016-1542 and CVE-2016-1543 from insinuator.net

bladelogic_bmc-cve-2016-1542: A rebuilt version of the exploit for CVE-2016-1542 and CVE-2016-1543 from insinuator.net (insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/). I recently came across systems vulnerable to this CVE in a recent penetration test and found exploits from insinuator - however for unknown reasons (change in Python requests functi