CVE-2016-2349 - Reset password functionality can be manipulated to accept a blank previous password and reset the password.

Please refer to the URL for further details: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-2349

Versions Affected: 8.1 SP 2, 9.0, 9.0 SP 1 and 9.1

This knowledge article may contain information that does not apply to version 21.05 or later, which runs in a container environment. Please refer to Article Number 000385088 for more information about troubleshooting BMC products in containers.

Fix: Follow these steps in order:

1) In Developer Studio, connect to the ARServer you want to fix.
2) Search for and open the filter named User Password Change:ConfirmPreviousPassword. This filter is required to check the previous password on the ARServer side.
3) If this filter is enabled, nothing else needs to be done.
4) If it is not enabled, enable it and save the filter.

Credit for disclosure: Bhushan Nikam from Network Intelligence (I) Pvt. Ltd.