CVE-2014-8270

Public exploit
BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.
Max CVSS
5.0
EPSS Score
2.08%
Published
2014-12-12
Updated
2023-08-02
BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.
Max CVSS
4.0
EPSS Score
0.12%
Published
2014-10-10
Updated
2023-08-02
SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
Max CVSS
6.5
EPSS Score
0.32%
Published
2014-10-10
Updated
2023-08-02

CVE-2014-4872

Public exploit
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.
Max CVSS
7.5
EPSS Score
95.93%
Published
2014-10-10
Updated
2023-08-02
Untrusted search path vulnerability in BMC Patrol for AIX 3.9.00 allows local users to gain privileges via a crafted library, related to an incorrect RPATH setting.
Max CVSS
6.9
EPSS Score
0.07%
Published
2014-05-14
Updated
2014-06-24
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!