Skip to Content
This is the latest documentation for BMC Helix Network Management (formerly known as Netreo).

 

Is there any exposure to the SambaCry exploit?

Short Answer

No. BMC Helix Network Management does not expose any writable file shares, and therefore IS NOT and HAS NEVER BEEN vulnerable to this exploit.

In May 2017, Samba.org announced the existence of CVE-2017-7494) (also known as the SambaCry bug), which is a serious vulnerability in the Samba open-source file sharing SMB library. This weakness allows a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.

BMC Helix Network Management uses the Samba libraries for SMB file sharing. However, BMC Helix Network Management does not expose any writable file shares, and therefore is not, and has never been, vulnerable to this exploit.

As a precaution, BMC Helix Network Management has implemented several workarounds and patches in versions 9.1 and 10 to insure this vulnerability could never be exploited in the future.

If you have any concerns, please feel free to contact BMC Helix Support.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Network Management