4 matches found
CVE-2018-19505
Remedy AR System Server in BMC Remedy 7.1 is affected by an impersonation flaw in WOI:WorkOrderConsole’s userdata.js. The root cause is a username substitution via UserData_Init, allowing a user to assume another user’s identity in certain scenarios. Impact is user impersonation with elevated ris...
BMC Remedy Privilege Escalation (CVE-2018-19505)
A privilege escalation vulnerability exists in BMC Remedy. The vulnerability is due to a lack of validation in USERNAMETOCHANGE. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
BMC Remedy 7.1 User Impersonation
...
BMC Remedy 7.1 User Impersonation Vulnerability
Exploit for jsp platform in category web applications !-- Exploit Title: Impersonation may lead to incorrect user context in Remedy AR System Server in BMC Remedy 7.1 Exploit Author: Rafael Pedrero Vendor Homepage: http://www.bmc.com/ Software Link: http://www.bmc.com/ Version: Impersonation may...