CVE-2014-8270

BMC Track-It! 11.3 - Privilege Escalation via Account Name Collision

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8270. PoCs published by bperry, jhart, including Metasploit module auxiliary/scanner/http/bmc_trackit_passwd_reset.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated arbitrary password reset vulnerability in BMC TrackIt! 11.3 and prior versions. It allows an attacker to change the password of any domain user, including domain administrators, by abusing the password reset mechanism.

Description

BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.

Exploits (1)

metasploit WORKING POC
by bperry, jhart · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/bmc_trackit_passwd_reset.rb

This Metasploit module exploits an unauthenticated arbitrary password reset vulnerability in BMC TrackIt! 11.3 and prior versions. It allows an attacker to change the password of any domain user, including domain administrators, by abusing the password reset mechanism.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: BMC TrackIt! 11.3 and prior
No auth needed
Prerequisites: Access to the password reset endpoint · Knowledge of the target username
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-419/

Scores

EPSS 0.2008
EPSS Percentile 97.1%

Details

CWE
CWE-264
Status published
Products (1)
bmc/track-it\! 11.3
Published Dec 12, 2014
Tracked Since Feb 18, 2026