Every CVE whose affected-product data names Bmc Patrol Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2008-5982 — CVSS 10.0 (critical): Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string…
CVE-1999-0443 — CVSS 10.0 (critical): Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.
CVE-2023-34257 — CVSS 9.8 (critical): An issue was discovered in BMC Patrol through 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication…
CVE-2019-8352 — CVSS 9.8 (critical): By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network…
CVE-2019-17044 — CVSS 7.8 (high): An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the PatrolAgent SUID binary could allow an attacker with…
CVE-2020-35593 — CVSS 7.8 (high): BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
CVE-2018-20735 — CVSS 7.8 (high): An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and…
CVE-2019-17043 — CVSS 7.8 (high): An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the best1collect.exe SUID binary could allow an attacker…
CVE-1999-1460 — CVSS 7.2 (high): BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as…
CVE-1999-1459 — CVSS 7.2 (high): BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file.
CVE-2014-2591 — CVSS 6.9 (medium): Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an…