Bmc Remedy_mid-tier

7 CVEs affecting Bmc Remedy_mid-tier. Latest disclosed: 2025-03-12. Critical: 2, High: 2.

Top CVEs affecting Bmc Remedy_mid-tier
CVESeverityScorePublishedSummary
CVE-2024-34399Critical9.82024-09-18**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account with…
CVE-2017-17674Critical9.82021-05-19BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerabl…
CVE-2017-17677High8.82021-05-19BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
CVE-2018-18862High8.82019-03-21BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Detai…
CVE-2017-17678Medium6.12021-05-19BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility.
CVE-2017-17675Medium5.32021-05-19BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system…
CVE-2024-34398Medium4.22025-03-12An issue was discovered in BMC Remedy Mid Tier 7.6.04. The web application allows stored HTML Injection by authenticated remote attackers.