Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web root and achieve code execution as NETWORK SERVICE or SYSTEM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BMC Track-It! 安全漏洞
Vulnerability Description
BMC Track-It!是美国BMC Software公司的一套专为中小企业提供的全面集成的IT帮助台和资产管理解决方案。该方案提供工单跟踪、变更管理、流程自动化、资产清单和资产管理等功能。 BMC Track-It! 11.4 Hotfix 3之前的11.4版本中存在安全漏洞。攻击者可利用该漏洞向任意路径上传文件并以NETWORK SERVICE或SYSTEM权限执行代码。
CVSS Information
N/A
Vulnerability Type
N/A