Vulnerabilities > BMC > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-12 | CVE-2017-18228 | Cross-site Scripting vulnerability in BMC Remedy Action Request System Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request. | 5.4 |
2017-08-28 | CVE-2014-9514 | Cross-site Scripting vulnerability in BMC Footprints Service Core 11.5 Cross-site scripting (XSS) vulnerability in BMC Footprints Service Core 11.5. | 6.1 |
2017-05-02 | CVE-2016-5063 | Improper Authorization vulnerability in BMC Server Automation 8.6/8.7 The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows might allow remote attackers to bypass authorization checks and make an RPC call via unspecified vectors. | 5.3 |