219 matches found
Design/Logic Flaw
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy...
Default credentials
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...
Command injection
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...
CVE-2019-19215
A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the On-Do action destination is Mail and the Control-M/Agent is configured to send the email, allows remote attackers to have unspecified impact via vectors related to the configured IP address or SMTP server...
CVE-2019-19215
The CVE concerns BMC Control-M/Agent 7.0.00.000 where a buffer overflow occurs when the On-Do action destination is Mail and the Agent is configured to send mail. The vulnerability is triggered by vectors related to the configured IP address or SMTP server, allowing remote attackers to impact the...
CVE-2019-19216
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy...
CVE-2019-19216
The CVE-2019-19216 entry concerns BMC Software Control-M/Agent 7.0.00.000. Connected CNVD data states a vulnerability exists in Control-M/Agent 7.0.00.000 that could allow a remote attacker to overwrite sensitive files and possibly execute commands. The NVD entry identifies an Insecure File Copy ...
CVE-2019-19217
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection...
CVE-2019-19217
CVE-2019-19217 affects BMC Control-M/Agent 7.0.00.000. Described in CNVD-2020-26845 and NVD entry as OS command injection via the TCP protocol used between Control-M/Agent and Control-M/Server; a remote attacker could submit a crafted request to execute arbitrary commands. No remediation details ...
CVE-2019-19218
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...
CVE-2019-19218
CVE-2019-19218 affects BMC Control-M/Agent 7.0.00.000. Multiple connected sources describe an information disclosure due to insecure password storage in the Control-M/Agent. The CVE details indicate a high-severity exposure (CVSSv3.1 base score 7.5) with network access required and no privileges ...
CVE-2019-19219
BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download...
CVE-2019-19219
CVE-2019-19219 affects BMC Control-M/Agent 7.0.00.000. The CNVD entry describes a vulnerability in Control-M/Agent–Control-M/Server communication over TCP that lets remote attackers submit a special request to download arbitrary files. The NVD entry similarly states Arbitrary File Download. No re...
CVE-2019-19220
BMC Control-M/Agent 7.0.00.000 allows OS Command Injection issue 2 of 2...
CVE-2005-3311
BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2005-3311
BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2005-3311
BMC Software Control-M 6.1.03 for Solaris (and possibly other platforms) is affected by a local symlink race that allows a local user to overwrite arbitrary files via temporary files. This vulnerability can impact integrity (partial) with no confidentiality/availability impact per the CVSS vector...
BMC Control M enterprise scheduling system agent symbolic links problem
Insecure creation of temporary directory...
Insecure Temporary Files in BMC/Control-M Agent
BMC's Control M is an enterprise scheduling facility. Unfortunately, the agent software suffers from a problem with insecure temporary file creation. We noticed the problem on Solaris systems running the version 6.1.03 with current patches; it is reasonable to assume that other OS platforms and...