Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34258 | 1 Bmc | 1 Patrol | 2023-12-10 | N/A | 7.5 HIGH |
| An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution. | |||||
| CVE-2017-13130 | 1 Bmc | 1 Patrol | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring. | |||||
| CVE-2016-9638 | 1 Bmc | 1 Patrol | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to elevate their privileges to root. | |||||