3 matches found
CVE-2022-35865
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of...
CVE-2022-35865
creationtimestamp| type| source ---|---|--- 2022-08-05 00:08:08+00:00| seen| https://t.me/cibsecurity/47501...
CVE-2022-35865
CVE-2022-35865 affects BMC Track-It! 20.21.2.109. The vulnerability arises from improper access control in the HTTP module’s authorization, enabling remote code execution in the service account context without authentication. It is linked to ZDI-CAN-16709. Public advisories note fixes in Track-It...