Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BMC Track-It! 未授权访问漏洞
Vulnerability Description
BMC Track-It!是美国BMC Software公司的一套专为中小企业提供的全面集成的IT帮助台和资产管理解决方案。该方案提供工单跟踪、变更管理、流程自动化、资产清单和资产管理等功能。 BMC Track-It! 11.3.0.355版本中存在安全漏洞,该漏洞源于TCP端口9010没有要求身份验证。远程攻击者可通过向FileStorageService或ConfigurationService发送.NET Remoting请求利用该漏洞上传任意文件,执行任意代码,或获取敏感证书和配置信息。
CVSS Information
N/A
Vulnerability Type
N/A