Vulnerabilities > BMC > Track IT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-03 | CVE-2022-35864 | SQL Injection vulnerability in BMC Track-It! This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. | 6.5 |
| 2022-08-03 | CVE-2022-35865 | Missing Authentication for Critical Function vulnerability in BMC Track-It! This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. | 9.8 |
| 2022-02-18 | CVE-2022-24047 | Improper Authentication vulnerability in BMC Track-It! 20.21.01.102 This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. | 9.8 |
| 2018-01-30 | CVE-2016-6599 | Credentials Management vulnerability in BMC Track-It! 11.3/11.3.0.355/11.4 BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. | 9.8 |
| 2018-01-30 | CVE-2016-6598 | Improper Access Control vulnerability in BMC Track-It! 11.3/11.3.0.355/11.4 BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. | 9.8 |