Vulnerabilities > BMC > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2020-35593 Unspecified vulnerability in BMC Patrol Agent
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
local
low complexity
bmc
7.8
2023-05-31 CVE-2023-34258 Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01
An issue was discovered in BMC Patrol before 22.1.00.
network
low complexity
bmc CWE-311
7.5
2022-02-18 CVE-2022-24047 Improper Authentication vulnerability in BMC Track-It! 20.21.01.102
This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102.
network
low complexity
bmc CWE-287
7.5
2021-05-19 CVE-2017-17674 Server-Side Request Forgery (SSRF) vulnerability in BMC Remedy Mid-Tier 9.1
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion.
network
low complexity
bmc CWE-918
7.5
2019-10-14 CVE-2019-17044 Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I
An issue was discovered in BMC Patrol Agent 9.0.10i.
local
low complexity
bmc CWE-276
7.2
2019-09-26 CVE-2019-16755 Deserialization of Untrusted Data vulnerability in BMC Myit Digital Workplace
BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application.
network
low complexity
bmc CWE-502
7.5
2019-05-20 CVE-2019-8352 Use of Hard-coded Credentials vulnerability in BMC Patrol Agent
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services.
network
low complexity
bmc CWE-798
7.5
2019-01-17 CVE-2018-20735 Improper Authentication vulnerability in BMC Patrol Agent
An issue was discovered in BMC PATROL Agent through 11.3.01.
local
low complexity
bmc CWE-287
7.8
2018-01-30 CVE-2016-6599 Credentials Management vulnerability in BMC Track-It! 11.4
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010.
network
low complexity
bmc CWE-255
7.5
2017-08-23 CVE-2017-13130 Uncontrolled Search Path Element vulnerability in BMC Patrol
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
local
low complexity
bmc CWE-427
7.2