Privilege Escalation Vulnerability in BMC Track-It! by BMC Software
CVE-2014-8270

Currently unrated

Key Information:

Vendor: Bmc
Status: Track-it\!
Vendor: CVE Published:; 12 December 2014

What is CVE-2014-8270?

BMC Track-It! version 11.3 is susceptible to a privilege escalation vulnerability that enables remote attackers to execute arbitrary code. This can occur when an attacker creates a new user account that matches the name of a local system account and subsequently resets the account's password. Exploiting this vulnerability allows unauthorized access and could lead to severe security risks within the affected system.

References

http://www.zerodayinitiative.com/advisories/ZDI-14-419/

x_refsource_MISC

http://support.numarasoftware.com/support/articles.asp?ho...

x_refsource_CONFIRM

EPSS Score

62% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Oct 12, 2014

JSON

Bmc

What is CVE-2014-8270?

References

EPSS Score

Timeline