PT-2021-8567 · Bmc · Bmc Remedy Mid Tier

Kristian Varnai +1 · Published 2021-05-19 · Updated 2021-05-25 · CVE-2017-17674

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

BMC Remedy Mid Tier version 9.1SP3

Description

The system is affected by remote and local file inclusion due to a lack of restrictions on targeted files. This can lead to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).

Recommendations

For BMC Remedy Mid Tier version 9.1SP3, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, limit the ability to include remote and local files until a patch is available.

Fix

RCE

SSRF

Weakness Enumeration

Related Identifiers

CVE-2017-17674

Affected Products

Bmc Remedy Mid Tier