Описание
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Release NotesVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bmc:remedy_action_request_system:9.1.02.003:*:*:*:*:*:*:*
cpe:2.3:a:bmc:remedy_mid-tier:7.1.00:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00577
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-425
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.
EPSS
Процентиль: 68%
0.00577
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-425