CVE-2017-17675
Summary
| CVE | CVE-2017-17675 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-05-19 14:15:00 UTC |
| Updated | 2021-05-25 18:20:00 UTC |
| Description | BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data. |
Risk And Classification
Problem Types: CWE-532
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bmc | Remedy Mid-tier | 9.1 | sp3 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| BMC - Bring IT to Life with Digital Enterprise Management | MISC | bmc.com | |
| Full Disclosure: Multiple vulnerabilities in BMC Remedy | MISC | seclists.org | |
| Remedy 9 - IT Service Management Suite - BMC Software | MISC | remedy.com | |
| 9.1.00: Fixes available for Remedy AR System security vulnerabilities - Documentation for Remedy Action Request System 9.1 - BMC Documentation | MISC | docs.bmc.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.