CVE-2016-1542

HIGH

BMC BladeLogic Server Automation <8.7 - Auth Bypass

Title source: llm

Description

The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · multiple
https://www.exploit-db.com/exploits/43939
exploitdb WORKING POC
by Paul Taylor · python · remote · multiple
https://www.exploit-db.com/exploits/43902
nomisec WORKING POC 20 stars
by bao7uo · poc
https://github.com/bao7uo/bmc_bladelogic
nomisec WORKING POC
by patriknordlen · poc
https://github.com/patriknordlen/bladelogic_bmc-cve-2016-1542
metasploit WORKING POC EXCELLENT
by Olga Yanushkevich, ERNW <@yaole0>, Nicky Bloor (@NickstaDB) <[email protected]> · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/bmc_server_automation_rscd_nsh_rce.rb

Scores

CVSS v3 7.5
EPSS 0.7127
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-20
Status published
Products (11)
bmc/bladelogic_server_automation_console 8.2.02
bmc/bladelogic_server_automation_console 8.2.03
bmc/bladelogic_server_automation_console 8.2.04
bmc/bladelogic_server_automation_console 8.3.00
bmc/bladelogic_server_automation_console 8.3.01
bmc/bladelogic_server_automation_console 8.3.02
bmc/bladelogic_server_automation_console 8.3.03
bmc/bladelogic_server_automation_console 8.5.00
bmc/bladelogic_server_automation_console 8.5.01
bmc/bladelogic_server_automation_console 8.6.00
... and 1 more
Published Jun 13, 2016
Tracked Since Feb 18, 2026