Vulnerability Details CVE-2017-17677
BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://bmc.com
- http://remedy.com
- https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html
- https://seclists.org/fulldisclosure/2017/Oct/52
- http://bmc.com
- http://remedy.com
- https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html
- https://seclists.org/fulldisclosure/2017/Oct/52
Products affected by CVE-2017-17677
-
cpe:2.3:a:bmc:remedy_mid-tier:9.1