Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.17 views

CVE-2025-55111

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS6.7AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2025/09/16 1:16 p.m.5 views

CVE-2025-55111

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 12:22 p.m.16 views

CVE-2025-55116 BMC Control-M/Agent buffer overflow local privilege escalation

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the system running the Agent. This vulnerability impacts the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions...

9.3CVSS0.0015EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:21 p.m.14 views

CVE-2025-55115

CVE-2025-55115 affects BMC Control-M/Agent versions 9.0.18–9.0.20 (and potentially earlier unsupported builds). The vulnerability is a path traversal in the Control-M/Agent that can enable local privilege escalation when an attacker has access to the system running the Agent. Impact is described ...

9.3CVSS6.5AI score0.00161EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/16 12:19 p.m.3 views

CVE-2025-55112 BMC Control-M/Agent hardcoded Blowfish keys

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions that are configured to use the non-default Blowfish cryptography algorithm use a hardcoded key. An attacker with access to network traffic and to this key could decrypt network traffic between th...

7.6CVSS6.4AI score0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/16 12:14 p.m.3 views

CVE-2025-55109 BMC Control-M/Agent default SSL/TLS configuration authenticated bypass

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS6.8AI score0.00329EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.5 views

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC, Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M versions 9.0.18 through 9.0.20 and prior unsupported versions, which stems from an overly generous file permission settin...

5.7CVSS6.4AI score0.0012EPSS
Exploits0References3
Rows per page
Query Builder