Skip navigation

Cloud Lifecycle Mgmt

2 Posts authored by: John O'Toole Moderator
Share This:

A couple of critical broken authentication vulnerabilities were disclosed to BMC by ERNW Gmbh (an independent research company) and they will be disclosed publicly at the Troopers 2016 conference in Heidelberg on March 16th, 2016. These vulnerabilities allow remote unauthorized access to Linux/Unix RSCD agents using the agents’ RPC API. Windows agents are not affected. For more-detailed information, please see the following Flash Notification.

 

The security of our solutions is of the utmost importance to BMC. Once we were made aware of the issue, we investigated, developed a fix, and began the process of notifying customers.

 

As part of the notification process, BMC has published a Knowledge Article with patching information as well as general recommendations for reducing the likelihood of successful exploitation. We strongly recommend that BSA customers follow the instructions within the article. Should you have questions or need assistance, please contact BMC Customer Support.

Share This:

At BMC Engage, IT management professionals connect with peers, BMC product experts, and industry insiders to share insights and best practices for BMC solutions.

Do you understand the challenges and see the future of the delivery of digital services?

Do you have a viewpoint on how IT can help drive business transformation?

Do you have a unique solution or technical expertise to share?

Do you have an innovation story to tell?


Be a part of BMC Engage 2015, September 8-11 in Las Vegas, and help us bring IT to life.

Customers, partners, and IT and product experts are needed to deliver an agenda that’s topical and valuable to other BMC users.

We are now accepting submissions for technical, business, and hands-on labs breakout sessions. Submit your session for the Cloud Management & DevOps, BladeLogic Data Center Automation and Security and Compliance tracks.

 
The submission window won’t stay open long – submit now. Deadline is February 28, 2015.

Filter Blog

By date:
By tag: