Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

CVE-2015-5072 (GCVE-0-2015-5072)

Vulnerability from nvd – Published: 2020-01-15 17:06 – Updated: 2024-08-06 06:32

Summary

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://communities.bmc.com/docs/DOC-77816	x_refsource_CONFIRM
https://packetstormsecurity.com/files/133689/BMC-…	x_refsource_MISC

Date Public

2015-09-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:32.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://communities.bmc.com/docs/DOC-77816"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary local files via the __imageid parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-15T17:06:03.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://communities.bmc.com/docs/DOC-77816"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5072",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary local files via the __imageid parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://communities.bmc.com/docs/DOC-77816",
              "refsource": "CONFIRM",
              "url": "https://communities.bmc.com/docs/DOC-77816"
            },
            {
              "name": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5072",
    "datePublished": "2020-01-15T17:06:03.000Z",
    "dateReserved": "2015-06-25T00:00:00.000Z",
    "dateUpdated": "2024-08-06T06:32:32.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5071 (GCVE-0-2015-5071)

Vulnerability from nvd – Published: 2020-01-15 17:06 – Updated: 2024-08-06 06:32

Summary

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of the BIRT viewer servlet.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://packetstormsecurity.com/files/133688/BMC-…	x_refsource_MISC
https://communities.bmc.com/docs/DOC-77816	x_refsource_CONFIRM

Date Public

2015-09-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:32.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://communities.bmc.com/docs/DOC-77816"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary files via the __report parameter of the BIRT viewer servlet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-15T17:06:06.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://communities.bmc.com/docs/DOC-77816"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5071",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary files via the __report parameter of the BIRT viewer servlet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
            },
            {
              "name": "https://communities.bmc.com/docs/DOC-77816",
              "refsource": "CONFIRM",
              "url": "https://communities.bmc.com/docs/DOC-77816"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5071",
    "datePublished": "2020-01-15T17:06:06.000Z",
    "dateReserved": "2015-06-25T00:00:00.000Z",
    "dateUpdated": "2024-08-06T06:32:32.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5071 (GCVE-0-2015-5071)

Vulnerability from cvelistv5 – Published: 2020-01-15 17:06 – Updated: 2024-08-06 06:32

Summary

AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of the BIRT viewer servlet.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://packetstormsecurity.com/files/133688/BMC-…	x_refsource_MISC
https://communities.bmc.com/docs/DOC-77816	x_refsource_CONFIRM

Date Public

2015-09-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:32.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://communities.bmc.com/docs/DOC-77816"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary files via the __report parameter of the BIRT viewer servlet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-15T17:06:06.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://communities.bmc.com/docs/DOC-77816"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5071",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary files via the __report parameter of the BIRT viewer servlet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/133688/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
            },
            {
              "name": "https://communities.bmc.com/docs/DOC-77816",
              "refsource": "CONFIRM",
              "url": "https://communities.bmc.com/docs/DOC-77816"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5071",
    "datePublished": "2020-01-15T17:06:06.000Z",
    "dateReserved": "2015-06-25T00:00:00.000Z",
    "dateUpdated": "2024-08-06T06:32:32.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-5072 (GCVE-0-2015-5072)

Vulnerability from cvelistv5 – Published: 2020-01-15 17:06 – Updated: 2024-08-06 06:32

Summary

The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid parameter.

Severity

No CVSS data available.

CWE

n/a

Assigner

mitre

References

2 references

URL	Tags
https://communities.bmc.com/docs/DOC-77816	x_refsource_CONFIRM
https://packetstormsecurity.com/files/133689/BMC-…	x_refsource_MISC

Date Public

2015-09-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:32:32.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://communities.bmc.com/docs/DOC-77816"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-09-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary local files via the __imageid parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-15T17:06:03.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://communities.bmc.com/docs/DOC-77816"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2015-5072",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to \"navigate\" to arbitrary local files via the __imageid parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://communities.bmc.com/docs/DOC-77816",
              "refsource": "CONFIRM",
              "url": "https://communities.bmc.com/docs/DOC-77816"
            },
            {
              "name": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/133689/BMC-Remedy-AR-8.1-9.0-File-Inclusion.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-5072",
    "datePublished": "2020-01-15T17:06:03.000Z",
    "dateReserved": "2015-06-25T00:00:00.000Z",
    "dateUpdated": "2024-08-06T06:32:32.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

4 vulnerabilities found for remedy_ar_system_server by bmc

CVE-2015-5072 (GCVE-0-2015-5072)

CVE-2015-5071 (GCVE-0-2015-5071)

CVE-2015-5071 (GCVE-0-2015-5071)

CVE-2015-5072 (GCVE-0-2015-5072)