Vulnerabilities > BMC > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2020-35593 | Unspecified vulnerability in BMC Patrol Agent BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host. | 7.8 |
| 2023-05-31 | CVE-2023-34258 | Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01 An issue was discovered in BMC Patrol before 22.1.00. | 7.5 |
| 2022-02-18 | CVE-2022-24047 | Improper Authentication vulnerability in BMC Track-It! 20.21.01.102 This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. | 7.5 |
| 2021-05-19 | CVE-2017-17674 | Server-Side Request Forgery (SSRF) vulnerability in BMC Remedy Mid-Tier 9.1 BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. | 7.5 |
| 2019-10-14 | CVE-2019-17044 | Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I An issue was discovered in BMC Patrol Agent 9.0.10i. | 7.2 |
| 2019-09-26 | CVE-2019-16755 | Deserialization of Untrusted Data vulnerability in BMC Myit Digital Workplace BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both DWP and SmartIT components, which can permit remote attackers to perform pre-authenticated remote commands execution on the Operating System running the targeted application. | 7.5 |
| 2019-05-20 | CVE-2019-8352 | Use of Hard-coded Credentials vulnerability in BMC Patrol Agent By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. | 7.5 |
| 2019-01-17 | CVE-2018-20735 | Improper Authentication vulnerability in BMC Patrol Agent An issue was discovered in BMC PATROL Agent through 11.3.01. | 7.8 |
| 2018-01-30 | CVE-2016-6599 | Credentials Management vulnerability in BMC Track-It! 11.4 BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. | 7.5 |
| 2017-08-23 | CVE-2017-13130 | Uncontrolled Search Path Element vulnerability in BMC Patrol mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring. | 7.2 |