CVE-2015-5072

Published: Jan 15, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid parameter.

Affected (2)

Products: Bmc: Remedy Ar System Server

Bmc

1 product

Remedy Ar System Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Bmc Remedy Ar System Server	Version 8.0
Bmc Remedy Ar System Server	Version 9.0

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (4)

https://communities.bmc.com/docs/DOC-77816

Source: cve@mitre.org

Vendor Advisory

https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://communities.bmc.com/docs/DOC-77816

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.