Track-it!@* Security Vulnerabilities and Issues — Track-it!@* CVE List

Lucene search

BmcTrack-it!*

7 matches found

CVE•added 2022/02/18 8:15 p.m.•94 views

CVE-2022-24047

This vulnerability allows remote attackers to bypass authentication on affected installations of BMC Track-It! 20.21.01.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentic...

9.8CVSS9.6AI score0.02349EPSS

CVE•added 2018/01/30 8:29 p.m.•51 views

CVE-2016-6599

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the d...

9.8CVSS9.4AI score0.34433EPSS

CVE•added 2024/05/07 11:15 p.m.•51 views

CVE-2021-35002

BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of em...

8.8CVSS9.1AI score0.05421EPSS

CVE•added 2022/08/03 4:15 p.m.•51 views

CVE-2022-35865

This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentic...

9.8CVSS9.8AI score0.04846EPSS

CVE•added 2024/05/07 11:15 p.m.•49 views

CVE-2021-35001

BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability. The specific flaw exists within the Ge...

6.5CVSS3.4AI score0.00357EPSS

CVE•added 2022/08/03 4:15 p.m.•44 views

CVE-2022-35864

This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of pr...

6.5CVSS6.5AI score0.00149EPSS

CVE•added 2018/01/30 8:29 p.m.•32 views

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

10CVSS9.8AI score0.37972EPSS