Vulnerabilities > BMC > Track IT > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-08-03 CVE-2022-35865 Missing Authentication for Critical Function vulnerability in BMC Track-It!
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109.
network
low complexity
bmc CWE-306
critical
 9.8
9.8
2022-02-18 CVE-2022-24047 Improper Authentication vulnerability in BMC Track-It! 20.21.01.102
This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102.
network
low complexity
bmc CWE-287
critical
 9.8
9.8
2018-01-30 CVE-2016-6598 Improper Access Control vulnerability in BMC Track-It! 11.3/11.3.0.355/11.4
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010.
network
low complexity
bmc CWE-284
critical
 9.8
9.8
2018-01-30 CVE-2016-6599 Credentials Management vulnerability in BMC Track-It! 11.3/11.3.0.355/11.4
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010.
network
low complexity
bmc CWE-255
critical
 9.8
9.8