APP: BMC BladeLogic Server Command Injection
This signature detects attempts to exploit a known vulnerability against BMC BladeLogic Server. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.
Affected Products
Bmc bladelogic_server_automation_console
References
CVE: CVE-2016-1542
Short Name
APP:MISC:BMC-SERVER-CMD-INJ
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
BMC BladeLogic CVE-2016-1542 Command Injection Server
Release Date
08/12/2021
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3409
Port
TCP/4750
False Positive
Unknown
Vendors
Bmc
CVSS Score
5.0