CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39122
https://notcve.org/view.php?id=CVE-2023-39122
BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200). • https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-34257
https://notcve.org/view.php?id=CVE-2023-34257
An issue was discovered in BMC Patrol through 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication is not required). Some configuration fields related to SNMP (e.g., masterAgentName or masterAgentStartLine) result in code execution when the agent is restarted. NOTE: the vendor's perspective is "These are not vulnerabilities for us as we have provided the option to implement the authentication." • https://www.errno.fr/PatrolAdvisory.html#remote-code-excution-using-patrols-pconfig •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-34258
https://notcve.org/view.php?id=CVE-2023-34258
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution. • https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856 https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26550
https://notcve.org/view.php?id=CVE-2023-26550
A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field. • https://www.synacktiv.com/sites/default/files/2023-02/Synacktiv-ControlM-Multiple-Vulnerabilities.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 3CVE-2022-26088 – BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection
https://notcve.org/view.php?id=CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML (such as an SSRF payload) into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field. NOTE: the vendor's position is that "no real impact is demonstrated." Se descubrió un problema en BMC Remedy antes del 22.1. • http://packetstormsecurity.com/files/169863/BMC-Remedy-ITSM-Suite-9.1.10-20.02-HTML-Injection.html http://seclists.org/fulldisclosure/2022/Nov/10 https://sec-consult.com/vulnerability-lab/advisory/html-injection-in-bmc-remedy-itsm-suite • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •