High severity7.5NVD Advisory· Published Dec 21, 2016· Updated Jun 17, 2026
CVE-2016-2349
CVE-2016-2349
Description
Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password.
Affected products
5cpe:2.3:a:bmc:remedy_action_request_system:8.1:sp2:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:bmc:remedy_action_request_system:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bmc:remedy_action_request_system:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:bmc:remedy_action_request_system:9.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:bmc:remedy_action_request_system:9.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- bmcsites.force.com/casemgmt/sc_KnowledgeArticlenvdMitigationVendor Advisory
- www.securityfocus.com/bid/95075nvd
- www.securitytracker.com/id/1037529nvd
News mentions
0No linked articles in our index yet.