CVE-2016-4322

Published: Dec 13, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20160904 Unauthenticated Arbitrary Directory Dump in BMC BladeLogic Server Automation

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/138600/BMC-BladeLogic-Server-Automation-For-Linux-8.7-Directory-Dump.html

x_refsource_MISC

92736

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4322

Description

Affected Products

References