Vulnerabilities > BMC > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2020-35593 Unspecified vulnerability in BMC Patrol Agent
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
local
low complexity
bmc
7.8
2023-05-31 CVE-2023-34258 Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01
An issue was discovered in BMC Patrol before 22.1.00.
network
low complexity
bmc CWE-311
7.5
2021-05-19 CVE-2017-17677 Incorrect Permission Assignment for Critical Resource vulnerability in BMC Remedy Mid-Tier 9.1
BMC Remedy 9.1SP3 is affected by authenticated code execution.
network
low complexity
bmc CWE-732
8.8
2019-10-14 CVE-2019-17044 Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I
An issue was discovered in BMC Patrol Agent 9.0.10i.
local
low complexity
bmc CWE-276
7.8
2019-10-14 CVE-2019-17043 Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I
An issue was discovered in BMC Patrol Agent 9.0.10i.
local
low complexity
bmc CWE-276
7.8
2019-03-21 CVE-2018-18862 Forced Browsing vulnerability in BMC Remedy Action Request System and Remedy Mid-Tier
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
network
low complexity
bmc CWE-425
8.8
2019-01-17 CVE-2018-20735 Improper Authentication vulnerability in BMC Patrol Agent
An issue was discovered in BMC PATROL Agent through 11.3.01.
local
low complexity
bmc CWE-287
7.8
2018-03-10 CVE-2017-18223 Improper Authentication vulnerability in BMC Remedy Action Request System
BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access.
network
high complexity
bmc CWE-287
8.1
2017-08-23 CVE-2017-13130 Uncontrolled Search Path Element vulnerability in BMC Patrol
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
local
low complexity
bmc CWE-427
7.8
2016-12-21 CVE-2016-2349 Weak Password Recovery Mechanism for Forgotten Password vulnerability in BMC Remedy Action Request System 8.1/9.0/9.1
Remedy AR System Server in BMC Remedy 8.1 SP 2, 9.0, 9.0 SP 1, and 9.1 allows attackers to reset arbitrary passwords via a blank previous password.
network
low complexity
bmc CWE-640
7.5