CVE-2023-34257: 
BMC Patrol Agent vulnerability analysis and mitigation

An issue was discovered in BMC Patrol through 23.1.00 where the agent's configuration can be remotely modified without requiring authentication by default. The vulnerability affects BMC Patrol software versions up to and including 23.1.00. This vulnerability is tracked as CVE-2023-34257 and has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) (NVD).

The vulnerability allows remote modification of the agent's configuration, particularly affecting configuration fields related to SNMP (such as masterAgentName or masterAgentStartLine). When these fields are modified and the agent is restarted, it can result in code execution. The vulnerability has been assigned a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating network accessibility, low attack complexity, and no required privileges or user interaction (NVD, Errno Advisory).

The vulnerability can lead to remote code execution on affected systems. On Windows systems, attackers can inject commands through the masterAgentName field to execute arbitrary commands, while on Linux systems, the masterAgentStartLine parameter can be exploited for code execution (Errno Advisory).

While no official patch exists, the vendor indicates that authentication can be implemented as a mitigation measure. Organizations using the default configuration should change it immediately to require authentication for remote configuration access (NVD).

The vulnerability is currently disputed. The vendor's perspective is that "These are not vulnerabilities for us as we have provided the option to implement the authentication." This stance has led to the CVE being marked as DISPUTED in the official CVE record (NVD).