Synopsis
The RSCD agent running on the remote host is affected by a remote command execution vulnerability.
Description
The BMC Server Automation RSCD agent running on the remote host is configured in such a manner as to publicly expose an API that can be used for unrestricted command execution. An unauthenticated, remote attacker can exploit this, via the NSH protocol, to execute arbitrary commands.
Solution
Update the exports file to restrict access to the interface.