BMC Control-M Authentication Bypass Vulnerability

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. An authentication bypass vulnerability exists in BMC Control-M that stems from an authentication bypass when using an empty or default kdb keystore or a default...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. BMC Control-M suffers from a stack buffer overflow vulnerability that originates from formatting an error message when SSL/TLS communication is misconfigured, no...

CVE-2025-48709

CVE-2025-48709 affects BMC Control-M/Server 9.0.21.300, where credentials are stored in cleartext and exposed via process lists and logs. The root cause is the control path when a database connection is active: Control-M/Server runs DBUStatus.exe, which invokes dbu_connection_details.vbs with the...

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Inc. simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M version 9.0.21.300, which originates from the explicit storage of database credentials and could lead to information...

CVE-2024-1606

Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled b...