Bmc: >> Remedy Ar System Server >> 9.0 Security Vulnerabilities
AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of the BIRT viewer servlet.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-01-15
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid parameter.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-01-15