Vulnerabilities > BMC
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2020-35593 | Unspecified vulnerability in BMC Patrol Agent BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host. | 7.8 |
| 2023-09-05 | CVE-2017-9453 | Incorrect Authorization vulnerability in BMC Server Automation 8.6/8.7 BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass. | 9.8 |
| 2023-07-31 | CVE-2023-39122 | SQL Injection vulnerability in BMC Control-M BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. | 9.8 |
| 2023-05-31 | CVE-2023-34257 | Unspecified vulnerability in BMC Patrol Agent An issue was discovered in BMC Patrol through 23.1.00. | 9.8 |
| 2023-05-31 | CVE-2023-34258 | Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01 An issue was discovered in BMC Patrol before 22.1.00. | 7.5 |
| 2023-02-25 | CVE-2023-26550 | SQL Injection vulnerability in BMC Control-M A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field. | 9.8 |
| 2022-11-10 | CVE-2022-26088 | Cross-site Scripting vulnerability in BMC Remedy IT Service Management Suite 20.02 An issue was discovered in BMC Remedy before 22.1. | 5.4 |
| 2022-02-18 | CVE-2022-24047 | Improper Authentication vulnerability in BMC Track-It! 20.21.01.102 This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. | 7.5 |
| 2021-05-19 | CVE-2017-17674 | Server-Side Request Forgery (SSRF) vulnerability in BMC Remedy Mid-Tier 9.1 BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. | 7.5 |
| 2021-05-19 | CVE-2017-17675 | Information Exposure Through Log Files vulnerability in BMC Remedy Mid-Tier 9.1 BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. | 5.0 |