Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2020-2127
Jenkins BMC Release Package and Deployment Plugin 1.1 and previous versions stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Bmc Release Package And Deployment
6.5
CVSSv3
CVE-2018-19505
Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution inv...
Bmc Remedy Action Request System Server 7.1
5.4
CVSSv3
CVE-2019-1010147
Yellowfin Smart Reporting All Versions before 7.3 is affected by: Incorrect Access Control - Privileges Escalation. The impact is: Victim attacked and access admin functionality through their browser and control browser. The component is: MIAdminStyles.i4. The attack vector is: V...
Bmc Remedy Smart Reporting -
Yellowfinbi Yellowfin Bi
8.8
CVSSv3
CVE-2022-28866
Multiple Improper Access Control exists in Nokia AirFrame BMC Web GUI < R18 Firmware v4.13.00. It does not properly validate requests for access to (or editing of) data and functionality in all endpoints under /#settings/* and /api/settings/*. By not verifying the permissions ...
Nokia Airframe Bmc Web Gui R18 Firmware
5.4
CVSSv3
CVE-2022-26088
An issue exists in BMC Remedy prior to 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of rec...
Bmc Remedy It Service Management Suite 20.02
NA
CVE-2007-0661
Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller prior to 20070119, when Intelligent Pla...
Intel Server Board S5000vsa
Intel Server Board S5000xal
Intel Enterprise Southbridge 2 Bmc
Intel Server Board S5000xvn
Intel Server Board Sc5400ra
Intel Enterprise Southbridge Bmc
Intel Server Board S5000pal
Intel Server Board S5000psl
Intel Server Board S5000vcl
NA
CVE_2023_40304
BMC Compuware iStrobe Web version 20.13 suffers from a remote shell upload vulnerability.
9.1
CVSSv3
CVE-2023-28863
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.
Ami Megarac Sp-x 12
Ami Megarac Sp-x 13
NA
CVE-2024-3411
Implementations of IPMI Authenticated sessions does not provide enough randomness to protect from session hijacking, allowing an malicious user to use either predictable IPMI Session ID or weak BMC Random Number to bypass security controls using spoofed IPMI packets to manage BMC...
NA
CVE-2022-45899
Nokia BMC Log Scanner version 13 suffers from a remote command injection vulnerability.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »