CVE-2017-17674: SSRF
First published: Wed May 19 2021(Updated: )
BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BMC Remedy Mid-Tier | =9.1-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2017-17674?
CVE-2017-17674 is a vulnerability affecting BMC Remedy Mid Tier 9.1SP3. It allows for remote and local file inclusion, which can lead to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE).
How severe is CVE-2017-17674?
CVE-2017-17674 has a severity rating of 9.8 (Critical).
Which software versions are affected by CVE-2017-17674?
CVE-2017-17674 affects BMC Remedy Mid Tier 9.1 SP3.
What is the Common Weakness Enumeration (CWE) ID for CVE-2017-17674?
The CWE ID for CVE-2017-17674 is CWE-918.
How can I mitigate CVE-2017-17674?
To mitigate CVE-2017-17674, it is recommended to apply the available fixes for Remedy AR System security vulnerabilities provided by BMC. Please refer to the documentation for more details.
- collector/nvd-index
- vendor/bmc
- canonical/bmc remedy mid-tier
- version/bmc remedy mid-tier/9.1-sp3