Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4872 | 1 Bmc | 1 Bmc Track-it\! | 2016-06-29 | 7.5 HIGH | N/A |
| BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService. | |||||
| CVE-2014-4874 | 1 Bmc | 1 Bmc Track-it\! | 2016-06-28 | 4.0 MEDIUM | N/A |
| BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page. | |||||
| CVE-2014-4873 | 1 Bmc | 1 Bmc Track-it\! | 2015-09-10 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data. | |||||
| CVE-2014-8270 | 1 Bmc | 1 Bmc Track-it\! | 2014-12-12 | 5.0 MEDIUM | N/A |
| BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset. | |||||