PT-2014-6184 · Bmc · Bmc Track-It!
Published
2014-10-10
·
Updated
2023-08-02
·
CVE-2014-4874
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
BMC Track-It! version 11.3.0.355
Description
The issue allows remote authenticated users to read arbitrary files by visiting the "TrackItWeb/Attachment" page.
Recommendations
For version 11.3.0.355, consider restricting access to the TrackItWeb/Attachment page until a fix is available.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bmc Track-It!