CVE-2017-17677

Name of the Vulnerable Software and Affected Versions BMC Remedy version 9.1SP3

Description The issue allows authenticated code execution. Authenticated users with the right to create reports can utilize BIRT templates to execute code.

Recommendations For BMC Remedy version 9.1SP3, consider restricting access to report creation and BIRT template usage to minimize the risk of exploitation until a fix is available. As a temporary workaround, limiting the privileges of authenticated users may help reduce the potential impact. At the moment, there is no information about a newer version that contains a fix for this vulnerability.