CVE-2019-8352
23Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 6.3%
from disclosure to weapon16 days
Published on NVDMay 20
1st PoC+16d
exploitation probability
6.3%top 7% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If an attacker were able to capture this network traffic, they could decrypt these credentials and use them to execute code or escalate privileges on the network.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/46969unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.