What is CVE-2018-20735?

CVE-2018-20735 is an issue discovered in BMC PATROL Agent through version 11.3.01 that allows lateral movement and escalation of privilege in a Windows Active Directory environment.

What is the severity of CVE-2018-20735?

CVE-2018-20735 has a severity rating of 7.8 (High).

What software is affected by CVE-2018-20735?

BMC PATROL Agent version 11.3.01 is affected by CVE-2018-20735.

How can I fix CVE-2018-20735?

To fix CVE-2018-20735, update BMC PATROL Agent to a version beyond 11.3.01.

Where can I find more information about CVE-2018-20735?

More information about CVE-2018-20735 can be found at the following references: [Reference 1](https://www.exploit-db.com/exploits/46556/) and [Reference 2](https://www.securifera.com/blog/2018/12/17/bmc-patrol-agent-domain-user-to-domain-admin/)

Vulnerability/
CVE-2018-20735

high

7.8

CWE

287

17/1/2019

5/8/2024

CVE-2018-20735

First published: Thu Jan 17 2019(Updated: )

** DISPUTED ** An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent application only verifies if the password provided for the given username is correct; it does not verify the permissions of the user on the network. This means if you have PATROL Agent installed on a high value target (domain controller), you can use a low privileged domain user to authenticate with PatrolCli and then connect to the domain controller and run commands as SYSTEM. This means any user on a domain can escalate to domain admin through PATROL Agent. NOTE: the vendor disputes this because they believe it is adequate to prevent this escalation by means of a custom, non-default configuration.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Bmc Patrol Agent	<=11.3.01
	<=11.3.01

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-20735?
CVE-2018-20735 is an issue discovered in BMC PATROL Agent through version 11.3.01 that allows lateral movement and escalation of privilege in a Windows Active Directory environment.
What is the severity of CVE-2018-20735?
CVE-2018-20735 has a severity rating of 7.8 (High).
What software is affected by CVE-2018-20735?
BMC PATROL Agent version 11.3.01 is affected by CVE-2018-20735.
How can I fix CVE-2018-20735?
To fix CVE-2018-20735, update BMC PATROL Agent to a version beyond 11.3.01.
Where can I find more information about CVE-2018-20735?
More information about CVE-2018-20735 can be found at the following references: [Reference 1](https://www.exploit-db.com/exploits/46556/) and [Reference 2](https://www.securifera.com/blog/2018/12/17/bmc-patrol-agent-domain-user-to-domain-admin/)

collector/nvd-index
agent/type
agent/references
agent/first-publish-date
agent/severity
agent/weakness
agent/author
agent/status
agent/softwarecombine
agent/description
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
collector/mitre-cve
source/MITRE
status/disputed
vendor/bmc
canonical/bmc patrol agent
version/bmc patrol agent/11.3.01

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.