Vulnerabilities > CVE-2017-9453 - Incorrect Authorization vulnerability in BMC Server Automation 8.6/8.7

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
bmc
CWE-863
critical
NVD
Published: 2023-09-05
Updated: 2023-09-09

Summary

BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass.

Vulnerable Configurations

Part Description Count
Application
Bmc
4

Common Weakness Enumeration (CWE)

References