CVE-2014-8270
published 2014-12-12


Priority: P3 · 50 · medium
CVSS 2.0: 5 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
EXPLOIT
EPSS: 20.08% (97.1th percentile)
BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.

Affected

1 range

| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| bmc | track-it_! | | |

Detection & IOCs (extracted from sources)

version: BMC Track-It! 11.3
  • Monitor for unauthenticated password reset requests targeting the BMC Track-It! 11.3 password reset service endpoint, particularly those targeting accounts matching local system or domain administrator account names.
  • Alert on creation of new accounts whose names match existing local system or domain administrator accounts in environments running BMC Track-It!, as this is a prerequisite step in the exploitation chain.
  • The Metasploit auxiliary module `scanner/http/bmc_trackit_passwd_reset` can be used to validate exposure; detect its HTTP request patterns (unauthenticated password reset calls) in web/proxy logs as a network-based indicator of active exploitation attempts.
  • Risk is significantly elevated when the password reset service is configured to run under a domain administrator account, which is noted as the recommended/default configuration; in that case the attack yields domain-level credential compromise.
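A detection sketch for the chain the bullets above describe, added here and not taken from the CVE record or from BMC: it flags newly created accounts whose names collide with a privileged-account inventory and checks whether the same source address then hit the password reset endpoint shortly afterwards. The reset path, the privileged-account list and both log formats are assumptions, and the log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Placeholders the operator replaces: the privileged-account inventory and the
# Track-It! password reset path (the CVE text does not give the path).
PRIVILEGED_ACCOUNTS = {"administrator", "system"}
RESET_PATH = "/PASSWORD_RESET_ENDPOINT"

# Constructed sample input (not real Track-It! logs): an application audit
# trail and a combined-format web/proxy log, both assumed to be in UTC.
AUDIT_LOG = """\
2014-12-12T10:01:07Z account_created user=jsmith src=10.0.0.15
2014-12-12T10:02:41Z account_created user=Administrator src=203.0.113.9
2014-12-12T10:03:02Z account_created user=SYSTEM src=10.0.0.22
"""
PROXY_LOG = """\
203.0.113.9 - - [12/Dec/2014:10:02:55 +0000] "POST /PASSWORD_RESET_ENDPOINT/reset HTTP/1.1" 200 512
10.0.0.15 - - [12/Dec/2014:10:05:10 +0000] "GET /TrackIt/Home HTTP/1.1" 200 2048
10.0.0.22 - - [12/Dec/2014:10:30:00 +0000] "POST /PASSWORD_RESET_ENDPOINT/reset HTTP/1.1" 200 512
"""

AUDIT_RE = re.compile(r"^(?P<ts>\S+) account_created user=(?P<user>\S+) src=(?P<src>\S+)$")
PROXY_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*"')

def parse_audit(lines):
    """Yield (timestamp, username, source IP) for account-creation events."""
    for m in filter(None, map(AUDIT_RE.match, map(str.strip, lines))):
        yield datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"), m["user"], m["src"]

def parse_proxy(lines):
    """Yield (timestamp, source IP, method, path) for each web/proxy log line."""
    for m in filter(None, map(PROXY_RE.match, map(str.strip, lines))):
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
        yield ts, m["src"], m["method"], m["path"]

def find_chain(audit_lines, proxy_lines, privileged=PRIVILEGED_ACCOUNTS,
               reset_path=RESET_PATH, window=timedelta(minutes=10)):
    """Return (user, src, reset_followed) for each new account whose name collides
    with a privileged account; reset_followed is True when the same source IP
    POSTed to the reset endpoint within `window` after the account was created."""
    resets = [(ts, src) for ts, src, method, path in parse_proxy(proxy_lines)
              if method == "POST" and path.startswith(reset_path)]
    wanted = {p.lower() for p in privileged}  # name collision is case-insensitive
    findings = []
    for created, user, src in parse_audit(audit_lines):
        if user.lower() in wanted:
            followed = any(s == src and created <= t <= created + window for t, s in resets)
            findings.append((user, src, followed))
    return findings
```

A collision without a follow-up reset is still worth a ticket, since account creation alone is the prerequisite step noted above.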