Lucene search
+L

1547 matches found

RedhatCVE
RedhatCVE
added 2025/09/18 12:29 p.m.10 views

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS7.1AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.5 views

BMC Control-M Authentication Bypass Vulnerability

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. An authentication bypass vulnerability exists in BMC Control-M that stems from an authentication bypass when using an empty or default kdb keystore or a default...

9.5CVSS7.1AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.3 views

Unspecified Vulnerability in BMC Control-M (CNVD-2025-22540)

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M that stems from the default use of the kdb or PKCS12 keystore with a known password, which can be exploited by an...

5.7CVSS6.8AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/09/16 1:16 p.m.6 views

CVE-2025-55110

Control-M/Agents use a kdb or PKCS12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password...

5.7CVSS0.00126EPSS
Exploits0References2
NVD
NVD
added 2025/09/16 1:16 p.m.8 views

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS0.00329EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 1:16 p.m.5 views

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS12 keystore. A remote attacker with access to a signed third-party or demo...

9.5CVSS5.9AI score0.00329EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/16 12:18 p.m.3 views

CVE-2025-55111 BMC Control-M/Agent insecure default file permissions

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS6.3AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 12:18 p.m.10 views

CVE-2025-55111 BMC Control-M/Agent insecure default file permissions

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating ...

5.7CVSS0.0012EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:18 p.m.17 views

CVE-2025-55111

CVE-2025-55111 affects BMC Control-M/Agent; out-of-support versions 9.0.18–9.0.20 and some earlier/upgraded newer versions contain files with overly permissive permissions that store SSL keys, keystores, and policy passwords. An attacker with local access can read these files. The connected sourc...

5.7CVSS6.3AI score0.0012EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/16 12:16 p.m.3 views

CVE-2025-55110 BMC Control-M/Agent hardcoded default keystore password

Control-M/Agents use a kdb or PKCS12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password...

5.7CVSS6.4AI score0.00126EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 12:16 p.m.8 views

CVE-2025-55110 BMC Control-M/Agent hardcoded default keystore password

Control-M/Agents use a kdb or PKCS12 keystore by default, and the default keystore password is well known and documented. An attacker with read access to the keystore could access sensitive data using this password...

5.7CVSS0.00126EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:16 p.m.16 views

CVE-2025-55110

CVE-2025-55110 concerns BMC Control-M/Agents that use a kdb or PKCS#12 keystore by default with a well-known, documented password. The available connected sources confirm that an attacker with read access to the keystore could disclose sensitive data using this password. The vulnerability centers...

5.7CVSS6.4AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.5 views

PT-2025-37941

Name of the Vulnerable Software and Affected Versions Control-M/Agent versions 9.0.18 through 9.0.20 Description Files with overly permissive permissions were identified, potentially exposing keys and passwords related to SSL files, keystores, and policies. An attacker with local access to the...

5.7CVSS6.2AI score0.0012EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.5 views

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. An authentication bypass vulnerability exists in BMC Control-M that stems from an authentication bypass when using an empty or default kdb keystore or a default...

9.5CVSS7AI score0.00329EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.11 views

PT-2025-37924

Name of the Vulnerable Software and Affected Versions: Control-M/Agent versions 9.0.18 through 9.0.20 Control-M/Agent versions prior to 9.0.18 potentially earlier unsupported versions Description: An authentication bypass issue exists when using an empty or default kdb keystore or a default PKCS1...

9.5CVSS6.4AI score0.00329EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.4 views

BMC Control-M 安全漏洞

BMC Control-M is an application from BMC Corporation. Simplifies application and data workflow orchestration locally or as a service. A security vulnerability exists in BMC Control-M that stems from the default use of the kdb or PKCS12 keystore with a known password, which can be exploited by an...

5.7CVSS6.7AI score0.00126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/16 12:0 a.m.8 views

PT-2025-37940

Name of the Vulnerable Software and Affected Versions: Control-M/Agents affected versions not specified Description: Control-M/Agents utilize a kdb or PKCS12 keystore by default, employing a well-known and documented default password. An attacker possessing read access to the keystore can...

5.7CVSS6.1AI score0.00126EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2015-3863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and...

9.3CVSS6.1AI score0.01283EPSS
Exploits0References2
NVD
NVD
added 2025/09/03 5:15 a.m.8 views

CVE-2025-9785

PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not...

7.7CVSS0.00106EPSS
Exploits0References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.3 views

SAMSUNG Blockchain Keystore Information Disclosure Vulnerability

SAMSUNG Blockchain Keystore is a system tool for creating, storing, managing and backing up private keys from Samsung South Korea. An information disclosure vulnerability exists in SAMSUNG Blockchain Keystore, which is caused by an out-of-bounds read flaw. An attacker could exploit the...

4.4CVSS6.1AI score0.00147EPSS
Exploits0References1
Rows per page
Query Builder