NotCVE - vendor:"Bmc" product:"Remedy Action Request System" version:"9.0"

4 results (0.010 seconds)

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2015-9257

https://notcve.org/view.php?id=CVE-2015-9257

BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS. BMC Remedy Action Request (AR) System en versiones 9.0 anteriores a la 9.0.00 Service Pack 2 hot fix 1 contiene Cross-Site Scripting (XSS) persistente. • https://docs.bmc.com/docs/display/public/ars9000/Cross+site+scripting+%28XSS%29+in+Remedy+9.0%2C+9.0+Service+Pack+1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18228

https://notcve.org/view.php?id=CVE-2017-18228

Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request. Remedy Mid Tier en BMC Remedy AR System 9.1 permite Cross-Site Scripting (XSS) mediante el parámetro ATTKey en una petición arsys/servlet/AttachServlet. • https://communities.bmc.com/thread/164169 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18223

https://notcve.org/view.php?id=CVE-2017-18223

BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access. BMC Remedy AR System, en versiones anteriores a la 9.1 SP3, cuando Remedy AR Authentication está habilitado, permite que los atacantes obtengan acceso administrativo. • https://communities.bmc.com/thread/165887 • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-2349

https://notcve.org/view.php?id=CVE-2016-2349

Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password. Remedy AR System Server en BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1 y 9.1 permite a atacantes reiniciar contraseñas arbitrarias a través de una contraseña en blanco previa. • http://www.securityfocus.com/bid/95075 http://www.securitytracker.com/id/1037529 https://bmcsites.force.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000l6kbCAA&type=Solution • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •