Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bmc control-m vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26550
A SQL injection vulnerability in BMC Control-M prior to 9.0.20.214 allows malicious users to execute arbitrary SQL commands via the memname JSON field.
Bmc Control-m
NA
CVE-2023-39122
BMC Control-M up to and including 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200).
Bmc Control-m
187
VMScore
CVE-2005-3311
BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Bmc Software Control-m Agent 6.1.03
383
VMScore
CVE-2019-19219
BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download.
Bmcsoftware Control-m\\/agent 7.0.00.000
756
VMScore
CVE-2019-19217
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection.
Bmcsoftware Control-m\\/agent 7.0.00.000
383
VMScore
CVE-2019-19218
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage.
Bmcsoftware Control-m\\/agent 7.0.00.000
756
VMScore
CVE-2019-19216
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy.
Bmcsoftware Control-m\\/agent 7.0.00.000
756
VMScore
CVE-2019-19220
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection (issue 2 of 2).
Bmcsoftware Control-m\\/agent 7.0.00.000
534
VMScore
CVE-2019-19215
A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote malicious users to have unspecified impact via vectors related to the configured IP address or SMTP s...
Bmcsoftware Control-m\\/agent 7.0.00.000
NA
CVE-2024-1605
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »