2023-05-31 00:00:00
mitre
PUBLISHED
An issue was discovered in BMC Patrol before 22.1.00. The agents configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution.