Description
BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the import functionality. An attacker can import a malicious XML file and perform XXE attacks to download local files from the server, or cause denial of service via XML entity expansion. Both direct-response XXE and out-of-band (OOB) XXE are possible.
References (3)
Core References
Product x_refsource_misc
https://docs.bmc.com/docs/itsm90/export-and-import-repository-509983929.html
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2019/Dec/7
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/155552/BMC-Smart-Reporting-7.3-20180418-XML-Injection.html
Scores
CVSS v3
6.5
EPSS
0.0061
EPSS Percentile
69.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-611
CWE-434
Status
published
Products (1)
bmc/remedy_smart_reporting
9.1.03 - 9.1.03.001
Published
Dec 04, 2019
Tracked Since
Feb 18, 2026