Limited support This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments. Click here to view the documentation for the current version.

Critical Remote Code Execution vulnerability in BMC Digital Workplace

BMC Software is alerting users to a serious problem that requires immediate attention in versions 3.x and 18.x of the BMC Digital Workplace product. If you have any questions about the problem, contact Customer support.

September 30, 2019

Issue number: CVE-2019-16755 (CVSS v3 score 10.0)

Related topic

Known-and-corrected-issues

Issue

BMC Software has identified an unauthenticated Remote Code Execution security vulnerability in BMC Digital Workplace. 

BMC Digital Workplace 3.x and 18.x, all versions, service packs, and patches are affected by this vulnerability.

Resolution

Hot fixes for the affected versions are currently available at the FTP location available in Knowledge Article 000164912.

If you are using a BMC Digital Workplace version that is affected by this vulnerability, download and install the hot fix.

Note

No action is required if you are using BMC Digital Workplace 19.02 or later.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*