Lucene search
K

11 matches found

Prion
Prion
added 2018/01/30 8:29 p.m.17 views

Design/Logic Flaw

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

10CVSS8AI score0.1924EPSS
Exploits4References4Affected Software1
NVD
NVD
added 2018/01/30 8:29 p.m.17 views

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

9.8CVSS9.5AI score0.12313EPSS
Exploits4References4
OSV
OSV
added 2018/01/30 8:29 p.m.4 views

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

9.8CVSS5.8AI score0.12313EPSS
Exploits4References4
Prion
Prion
added 2018/01/30 8:29 p.m.15 views

Design/Logic Flaw

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

7.5CVSS7.3AI score0.12313EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2018/01/30 8:29 p.m.4 views

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

9.8CVSS6.2AI score0.1924EPSS
Exploits4References4
Cvelist
Cvelist
added 2018/01/30 8:0 p.m.21 views

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service ConfigurationService on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the...

9.6AI score0.12313EPSS
Exploits4References4
Exploit DB
Exploit DB
added 2014/10/21 12:0 a.m.81 views

Numara / BMC Track-It! FileStorageService - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Numara / BMC Track-It! FileStorageService Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...

7.5CVSS7.4AI score0.80095EPSS
Exploits15
NVD
NVD
added 2014/10/10 10:55 a.m.11 views

CVE-2014-4872

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...

7.5CVSS7.2AI score0.80095EPSS
Exploits15References3
ATTACKERKB
ATTACKERKB
added 2014/10/10 10:55 a.m.3 views

CVE-2014-4872

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...

7.5CVSS6.1AI score0.80095EPSS
Exploits15References6
Prion
Prion
added 2014/10/10 10:55 a.m.18 views

Design/Logic Flaw

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...

7.5CVSS7.6AI score0.80095EPSS
Exploits15References3Affected Software1
Cvelist
Cvelist
added 2014/10/10 10:0 a.m.33 views

CVE-2014-4872

BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to 1 FileStorageService or 2 ConfigurationService...

9.7AI score0.80095EPSS
Exploits15References3
Rows per page
Query Builder