CVE-2022-35865 – This vulnerability allows remote attackers to execute arbitrary code on affected installat …

3 August 2022

Vuln ID: CVE-2022-35865

Published: 2022-08-03 16:15:08Z

Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16709.

Source: NVD.NIST.GOV

Date:

3 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Popular File Transfer Software CrushFTP Hit by Zero-Day Exploit25 April 2024
WhyLabs AI Control Center offers teams real-time control over their AI applications25 April 2024
FTC issues refunds to Ring customers following privacy settlement25 April 2024
Network Threats: A Step-by-Step Attack Demonstration25 April 2024
ESET integrates with Arctic Wolf to provide greater security visibility25 April 2024