CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 3CVE-2022-26088 – BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection
https://notcve.org/view.php?id=CVE-2022-26088
10 Nov 2022 — An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field. NOTE: the vendor's position is that "no real impact is demonstrated." Se descubrió un problema en BMC Remedy antes del 22.1. • http://packetstormsecurity.com/files/169863/BMC-Remedy-ITSM-Suite-9.1.10-20.02-HTML-Injection.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2022-35865 – BMC Track-It! HTTP Module Improper Access Control Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35865
12 Jul 2022 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. • https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It-Version-2 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-35864 – BMC Track-It! GetPopupSubQueryDetails SQL Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35864
12 Jul 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. • https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It-Version-2 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 11%CPEs: 1EXPL: 0CVE-2022-24047 – BMC Track-It! HTTP Module Improper Access Control Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-24047
10 Feb 2022 — This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. • https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It • CWE-287: Improper Authentication CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35001 – BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-35001
06 Jan 2022 — BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetData endpoint. • https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It • CWE-862: Missing Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35002 – BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-35002
06 Jan 2022 — BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of email attachments. • https://community.bmc.com/s/article/Security-vulnerabilities-patched-in-Track-It • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17677
https://notcve.org/view.php?id=CVE-2017-17677
19 May 2021 — BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code. BMC Remedy versión 9.1SP3, está afectado por una ejecución del código autenticado. Unos usuarios autenticados que presentan derecho a crear informes pueden usar plantillas BIRT para ejecutar código • http://bmc.com • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17675
https://notcve.org/view.php?id=CVE-2017-17675
19 May 2021 — BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data. BMC Remedy Mid Tier versión 9.1SP3, está afectado por un secuestro de registros. Unos usuarios no autenticados remotos pueden ser accedidos al registro, permitiendo a un atacante apropiarse de los registros del sistema. • http://bmc.com • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17678
https://notcve.org/view.php?id=CVE-2017-17678
19 May 2021 — BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility. BMC Remedy Mid Tier versión 9.1SP3, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS). Se detectó una vulnerabilidad de tipo cross-site scripting basada en DOM en una utilidad heredada • http://bmc.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17674
https://notcve.org/view.php?id=CVE-2017-17674
19 May 2021 — BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE). BMC Remedy Mid Tier versión 9.1SP3, está afectado por la inclusión de archivos locales y remotos. Debido a una falta de restricciones sobre lo que puede ser atacado, el sistema puede ser vulnerable a ataques como el s... • http://bmc.com • CWE-918: Server-Side Request Forgery (SSRF) •