Remote File Read Vulnerability in BMC Track-It! by BMC Software
CVE-2014-4874

Currently unrated

Key Information:

Vendor

Bmc

Status
Track-it\!
Vendor
CVE Published:
10 October 2014

What is CVE-2014-4874?

BMC Track-It! version 11.3.0.355 contains a vulnerability that allows remote authenticated users to access arbitrary files via the TrackItWeb/Attachment page. This can potentially expose sensitive data and increase the risk of further exploitation if not addressed promptly.

References

http://packetstormsecurity.com/files/128594/BMC-Track-it-...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/121036
third-party-advisoryx_refsource_CERT-VN
https://raw.githubusercontent.com/pedrib/PoC/master/gener...
x_refsource_MISC

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.