CVE-2024-34399

**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthenticated remote attacker is able to access any user account without using any password. NOTE: This vulnerability only affects products that are no longer supported by the maintainer and the impacted version for this vulnerability is 7.6.04 only.
References
Link Resource
https://www.gruppotim.it/it/footer/red-team.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:bmc:remedy_mid-tier:7.6.04:*:*:*:*:*:*:*

History

14 Oct 2025, 18:04

Type Values Removed Values Added
References () https://www.gruppotim.it/it/footer/red-team.html - () https://www.gruppotim.it/it/footer/red-team.html - Third Party Advisory
CPE cpe:2.3:a:bmc:remedy_mid-tier:7.6.04:*:*:*:*:*:*:*
First Time Bmc remedy Mid-tier
Bmc

Information

Published : 2024-09-18 18:15

Updated : 2025-10-14 18:04


NVD link : CVE-2024-34399

Mitre link : CVE-2024-34399

CVE.ORG link : CVE-2024-34399


JSON object : View

Products Affected

bmc

  • remedy_mid-tier
CWE
CWE-287

Improper Authentication