Vulnerabilities > BMC > High

DATE CVE VULNERABILITY TITLE RISK
2024-05-07 CVE-2021-35002 Unspecified vulnerability in BMC Track-It!
BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability.
network
low complexity
bmc
8.8
2024-03-18 CVE-2024-1605 Incorrect Default Permissions vulnerability in BMC Control-M 9.0.20/9.0.20.214/9.0.21
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users.
local
low complexity
bmc CWE-276
7.8
2023-09-05 CVE-2020-35593 Unspecified vulnerability in BMC Patrol Agent
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.
local
low complexity
bmc
7.8
2023-05-31 CVE-2023-34258 Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01
An issue was discovered in BMC Patrol before 22.1.00.
network
low complexity
bmc CWE-311
7.5
2021-05-19 CVE-2017-17677 Incorrect Permission Assignment for Critical Resource vulnerability in BMC Remedy Mid-Tier 9.1
BMC Remedy 9.1SP3 is affected by authenticated code execution.
network
low complexity
bmc CWE-732
8.8
2019-10-14 CVE-2019-17044 Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I
An issue was discovered in BMC Patrol Agent 9.0.10i.
local
low complexity
bmc CWE-276
7.8
2019-10-14 CVE-2019-17043 Incorrect Default Permissions vulnerability in BMC Patrol Agent 9.0.10I
An issue was discovered in BMC Patrol Agent 9.0.10i.
local
low complexity
bmc CWE-276
7.8
2019-03-21 CVE-2018-18862 Forced Browsing vulnerability in BMC Remedy Action Request System and Remedy Mid-Tier
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
network
low complexity
bmc CWE-425
8.8
2019-01-17 CVE-2018-20735 Improper Authentication vulnerability in BMC Patrol Agent
An issue was discovered in BMC PATROL Agent through 11.3.01.
local
low complexity
bmc CWE-287
7.8
2018-03-10 CVE-2017-18223 Improper Authentication vulnerability in BMC Remedy Action Request System
BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access.
network
high complexity
bmc CWE-287
8.1