107 matches found
Command injection
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...
CVE-2019-19215
A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server...
CVE-2019-19215
The CVE concerns BMC Control-M/Agent 7.0.00.000 where a buffer overflow occurs when the On-Do action destination is Mail and the Agent is configured to send mail. The vulnerability is triggered by vectors related to the configured IP address or SMTP server, allowing remote attackers to impact the...
CVE-2019-19216
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy...
CVE-2019-19217
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...
CVE-2019-19218
CVE-2019-19218 affects BMC Control-M/Agent 7.0.00.000. Multiple connected sources describe an information disclosure due to insecure password storage in the Control-M/Agent. The CVE details indicate a high-severity exposure (CVSSv3.1 base score 7.5) with network access required and no privileges ...
Insecure Temporary Files in BMC/Control-M Agent
BMC's Control M is an enterprise scheduling facility. Unfortunately, the agent software suffers from a problem with insecure temporary file creation. We noticed the problem on Solaris systems running the version 6.1.03 with current patches; it is reasonable to assume that other OS platforms and...