CVE-2019-8352

CRITICAL

BMC PATROL Agent < 11.3.01 - Use of Hard-coded Credentials

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-8352. PoCs published by Metasploit.

AI-analyzed exploit summary This Metasploit module exploits CVE-2019-8352, a deserialization vulnerability in IBM WebSphere Application Server Network Deployment, allowing remote code execution via crafted serialized data sent to the DMGR server.

Description

By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/46969

View Code ZIP pw:eip

This Metasploit module exploits CVE-2019-8352, a deserialization vulnerability in IBM WebSphere Application Server Network Deployment, allowing remote code execution via crafted serialized data sent to the DMGR server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IBM WebSphere Application Server Network Deployment

No auth needed

Prerequisites: Network access to the target server · IBM WebSphere Application Server Network Deployment with vulnerable configuration

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://www.securifera.com/advisories/CVE-2019-8352/

Scores

CVSS v3 9.8

EPSS 0.0383

EPSS Percentile 88.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-798

Status published

Products (1)

bmc/patrol_agent < 11.3.01

Published May 20, 2019

Tracked Since Feb 18, 2026