2 matches found
CVE-2014-4874
CVE-2014-4874 affects BMC Track-It! 11.3.0.355. An authenticated remote attacker can read arbitrary files via TrackItWeb/Attachment/Open (arbitrary file download). No vendor fix is stated in the provided docs; remediation guidance from the consortium of sources includes blocking network access to...
BMC Track-It! contains multiple vulnerabilities
Overview BMC Track-It! version 11.3.0.355 contains multiple vulnerabilities Description CWE-306: Missing Authentication for Critical Function -CVE-2014-4872 BMC Track-It! exposes several dangerous remote .NET services on port 9010 without authentication. .NET remoting allows a user to invoke...