CVE-2019-11216 - BMC has released a fix for an unspecified vulnerability in BMC Smart Reporting that can allow an administrative user to exfiltrate files from the local file system. CVSS v3 base score: 2.6 (low) Remedy Smart Reporting Versions: 9.1.03.001, 9.1.04.002, 18.05.05, 18.08,19.02.01 are affected by this vulnerability. **No action is required for Smart Reporting 19.08 and onwards** |
This knowledge article may contain information that does not apply to version 21.05 or later which runs in a container environment. Please refer to Article Number 000385088 for more information about troubleshooting BMC products in containers. CVE-2019-11216 - BMC has released a fix for an unspecified vulnerability in BMC Smart Reporting that can allow an administrative user to exfiltrate files from the local file system. SW00560973 - 9.1.03.001 SW00558886: - 9.1.04.002 - 18.05.05 - 19.02.01 Remedy Smart Reporting:
Remedy product line cumulative hot fixes – Refer to KA#000164912 (you must be logged into Support Central to view the KA). Thanks to David Herrero for responsibly disclosing this vulnerability. |