RSS   Vulnerabilities for 'Bmc track-it!'   RSS

2014-12-12
 
CVE-2014-8270

CWE-264
 

 
BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.

 
2014-10-10
 
CVE-2014-4874

 

 
BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.

 
 
CVE-2014-4873

 

 
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.

 
 
CVE-2014-4872

 

 
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.

 

 >>> Vendor: BMC 24 Products
Patrol agent
Software control-m agent
Remedy action request system
Performance manager
Patrol perform agent
Capacity management essentials
Performance analysis for servers
Performance analyzer for servers
Performance assurance for servers
Performance assurance for virtual servers
Performance predictor for servers
Identity management suite
Service desk express
Bmc track-it!
Bladelogic server automation console
Patrol
Server automation
Footprints service core
Track-it!
Remedy action request system server
Remedy mid-tier
Remedy smart reporting
Myit digital workplace
Remedy ar system server


Copyright 2024, cxsecurity.com

 

Back to Top