3 matches found
CVE-2025-48709
creationtimestamp| type| source ---|---|--- 2025-08-07 20:55:06+00:00| seen| Telegram/kJ5XvcR0oYB8dMOlDfdpFJqtCLhnrerT6wnJwZt3YaRtd8...
CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs
BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...
CVE-2025-48709
CVE-2025-48709 affects BMC Control-M/Server 9.0.21.300, where credentials are stored in cleartext and exposed via process lists and logs. The root cause is the control path when a database connection is active: Control-M/Server runs DBUStatus.exe, which invokes dbu_connection_details.vbs with the...