This documentation supports the 18.08 version of BMC Digital Workplace Basic.

To view the latest version, select the version from the Product Version menu.

Critical Remote Code Execution vulnerability in BMC Digital Workplace

BMC Software is alerting users to a serious problem that requires immediate attention in versions 3.x and 18.x of the BMC Digital Workplace product. If you have any questions about the problem, contact Customer support.

September 30, 2019

Issue number: CVE-2019-16755 (CVSS v3 score 10.0)

Issue

BMC Software has identified an unauthenticated Remote Code Execution security vulnerability in BMC Digital Workplace. 

BMC Digital Workplace 3.x and 18.x, all versions, service packs, and patches are affected by this vulnerability.

Resolution

Hot fixes for the affected versions are currently available at the FTP location available in Knowledge Article 000164912.

If you are using a BMC Digital Workplace version that is affected by this vulnerability, download and install the hot fix.

Note

No action is required if you are using BMC Digital Workplace 19.02 or later.

Was this page helpful? Yes No Submitting... Thank you

Comments