BMC AMI 缓冲区错误漏洞

BMC AMI BMC Automated Mainframe Intelligence is an automated mainframe intelligence solution from BMC USA. A security vulnerability exists in BMC AMI. An attacker could exploit this vulnerability to read and write arbitrary locations in the memory of an IPMI server process, resulting in code...

Jenkins Compuware ISPW Operations Plugin does not perform permission checks in several HTTP endpoints

Jenkins BMC AMI DevX Code Pipeline Operations Plugin 1.0.8 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins...