Search
Find a vulnerability
Search criteria
6 vulnerabilities found for patrol by bmc
CVE-2023-34258 (GCVE-0-2023-34258)
Vulnerability from nvd – Published: 2023-05-31 00:00 – Updated: 2025-01-08 21:11
VLAI
EPSS
VEX
Summary
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34258",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T21:07:00.390221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T21:11:19.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BMC Patrol before 22.1.00. The agent\u0027s configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-31T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100"
},
{
"url": "https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-34258",
"datePublished": "2023-05-31T00:00:00.000Z",
"dateReserved": "2023-05-31T00:00:00.000Z",
"dateUpdated": "2025-01-08T21:11:19.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13130 (GCVE-0-2017-13130)
Vulnerability from nvd – Published: 2017-08-23 00:00 – Updated: 2024-08-05 18:58
VLAI
EPSS
VEX
Summary
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/itm4n/bmc-patrol-mcmnm-privesc | x_refsource_MISC |
Date Public
2017-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-23T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-13130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc",
"refsource": "MISC",
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-13130",
"datePublished": "2017-08-23T00:00:00.000Z",
"dateReserved": "2017-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:58:12.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9638 (GCVE-0-2016-9638)
Vulnerability from nvd – Published: 2016-12-02 17:00 – Updated: 2024-08-06 02:59
VLAI
EPSS
VEX
Summary
In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to elevate their privileges to root.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037385 | vdb-entryx_refsource_SECTRACK |
| http://www.nes.fr/securitylab/index.php/2016/12/0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/95009 | vdb-entryx_refsource_BID |
Date Public
2016-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037385",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037385"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In BMC Patrol before 9.13.10.02, the binary \"listguests64\" is configured with the setuid bit. However, when executing it, it will look for a binary named \"virsh\" using the PATH environment variable. The \"listguests64\" program will then run \"virsh\" using root privileges. This allows local users to elevate their privileges to root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1037385",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037385"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BMC Patrol before 9.13.10.02, the binary \"listguests64\" is configured with the setuid bit. However, when executing it, it will look for a binary named \"virsh\" using the PATH environment variable. The \"listguests64\" program will then run \"virsh\" using root privileges. This allows local users to elevate their privileges to root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037385",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037385"
},
{
"name": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol",
"refsource": "MISC",
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9638",
"datePublished": "2016-12-02T17:00:00.000Z",
"dateReserved": "2016-11-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:03.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34258 (GCVE-0-2023-34258)
Vulnerability from cvelistv5 – Published: 2023-05-31 00:00 – Updated: 2025-01-08 21:11
VLAI
EPSS
VEX
Summary
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-34258",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-08T21:07:00.390221Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-08T21:11:19.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BMC Patrol before 22.1.00. The agent\u0027s configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-31T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100"
},
{
"url": "https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-34258",
"datePublished": "2023-05-31T00:00:00.000Z",
"dateReserved": "2023-05-31T00:00:00.000Z",
"dateUpdated": "2025-01-08T21:11:19.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13130 (GCVE-0-2017-13130)
Vulnerability from cvelistv5 – Published: 2017-08-23 00:00 – Updated: 2024-08-05 18:58
VLAI
EPSS
VEX
Summary
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/itm4n/bmc-patrol-mcmnm-privesc | x_refsource_MISC |
Date Public
2017-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-23T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-13130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc",
"refsource": "MISC",
"url": "https://github.com/itm4n/bmc-patrol-mcmnm-privesc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-13130",
"datePublished": "2017-08-23T00:00:00.000Z",
"dateReserved": "2017-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:58:12.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9638 (GCVE-0-2016-9638)
Vulnerability from cvelistv5 – Published: 2016-12-02 17:00 – Updated: 2024-08-06 02:59
VLAI
EPSS
VEX
Summary
In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to elevate their privileges to root.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037385 | vdb-entryx_refsource_SECTRACK |
| http://www.nes.fr/securitylab/index.php/2016/12/0… | x_refsource_MISC |
| http://www.securityfocus.com/bid/95009 | vdb-entryx_refsource_BID |
Date Public
2016-12-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037385",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037385"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In BMC Patrol before 9.13.10.02, the binary \"listguests64\" is configured with the setuid bit. However, when executing it, it will look for a binary named \"virsh\" using the PATH environment variable. The \"listguests64\" program will then run \"virsh\" using root privileges. This allows local users to elevate their privileges to root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1037385",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037385"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9638",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In BMC Patrol before 9.13.10.02, the binary \"listguests64\" is configured with the setuid bit. However, when executing it, it will look for a binary named \"virsh\" using the PATH environment variable. The \"listguests64\" program will then run \"virsh\" using root privileges. This allows local users to elevate their privileges to root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037385",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037385"
},
{
"name": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol",
"refsource": "MISC",
"url": "http://www.nes.fr/securitylab/index.php/2016/12/02/privilege-escalation-on-bmc-patrol"
},
{
"name": "95009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9638",
"datePublished": "2016-12-02T17:00:00.000Z",
"dateReserved": "2016-11-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:03.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}