Giulio Pellegrini

#12029of 53,633
22.8Total CVSS
Vulnerabilities · 3
Medium
1
High
1
Critical
1
PT-2025-11110
4.2
2025-03-12
Bmc · Bmc Remedy Mid Tier · CVE-2024-34398
Name of the Vulnerable Software and Affected Versions: BMC Remedy Mid Tier version 7.6.04 Description: The web application in BMC Remedy Mid Tier allows stored HTML Injection by authenticated remote attackers. Recommendations: For BMC Remedy Mid Tier version 7.6.04, consider restricting access to the web application until a patch is available. As a temporary workaround, limit the ability of authenticated remote attackers to inject HTML code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2024-25856
9.8
2024-09-18
Bmc · Bmc Remedy Mid Tier · CVE-2024-34399
**Name of the Vulnerable Software and Affected Versions** BMC Remedy Mid Tier version 7.6.04 **Description** An issue was discovered that allows an unauthenticated remote attacker to access any user account without using a password. This issue affects products that are no longer supported by the maintainer. **Recommendations** For BMC Remedy Mid Tier version 7.6.04, consider disabling remote access or restricting user account access until a resolution can be determined, however, since this version is no longer supported, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-7169
8.8
2022-12-19
Ericsson · Ericsson Evolved Packet Gateway · CVE-2022-47531
**Name of the Vulnerable Software and Affected Versions** Ericsson Evolved Packet Gateway (EPG) versions 2.x before 2.16 Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 **Description** The issue is related to the command-line interface (CLI) of the Ericsson Evolved Packet Gateway (EPG) and is associated with access control deficiencies. Exploitation of the issue may allow a remote attacker to execute arbitrary commands. Authenticated users can bypass the system CLI and execute commands they are authorized to execute directly in the UNIX shell. **Recommendations** For Ericsson Evolved Packet Gateway (EPG) versions 2.x before 2.16, update to version 2.16 or later to resolve the issue. For Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25, update to version 3.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the CLI to minimize the risk of exploitation.