Unable to render {include} The included page could not be found.

Critical Remote Code Execution vulnerability in BMC Digital Workplace

BMC Software is alerting users to a serious problem that requires immediate attention in versions 3.x and 18.x of the BMC Digital Workplace product. If you have any questions about the problem, contact Customer support.

September 30, 2019

Issue number: CVE-2019-16755 (CVSS v3 score 10.0)

Issue

BMC Software has identified an unauthenticated Remote Code Execution security vulnerability in BMC Digital Workplace. 

BMC Digital Workplace 3.x and 18.x, all versions, service packs, and patches are affected by this vulnerability.

Resolution

Hot fixes for the affected versions are currently available at the FTP location available in Knowledge Article 000164912.

If you are using a BMC Digital Workplace version that is affected by this vulnerability, download and install the hot fix.

Note

No action is required if you are using BMC Digital Workplace 19.02 or later.

Was this page helpful? Yes No Submitting... Thank you

Comments