CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-1606 – HTML injection in BMC Control-M
https://notcve.org/view.php?id=CVE-2024-1606
Lack of input sanitization in BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users for manipulation of generated web pages via injection of HTML code. This might lead to a successful phishing attack for example by tricking users into using a hyperlink pointing to a website controlled by an attacker. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.200. La falta de sanitización de entradas en las ramas 9.0.20 y 9.0.21 de BMC Control-M permite a los usuarios registrados manipular las páginas web generadas mediante la inyección de código HTML. Esto podría conducir a un ataque de phishing exitoso, por ejemplo, engañando a los usuarios para que utilicen un hipervínculo que apunte a un sitio web controlado por un atacante. • https://cert.pl/en/posts/2024/03/CVE-2024-1604 https://cert.pl/posts/2024/03/CVE-2024-1604 https://www.bmc.com/it-solutions/control-m.html • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-1605 – DLL side-loading in BMC Control-M
https://notcve.org/view.php?id=CVE-2024-1605
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) from a directory that grants Write and Read permissions to all users. Leveraging it leads to loading of a potentially malicious libraries, which will execute with the application's privileges. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201. BMC Control-M ramificaciones 9.0.20 y 9.0.21 al iniciar sesión el usuario carga todas las librerías de vínculos dinámicos (DLL) desde un directorio que otorga permisos de escritura y lectura a todos los usuarios. Aprovecharlo conduce a la carga de librerías potencialmente maliciosas, que se ejecutarán con los privilegios de la aplicación. • https://cert.pl/en/posts/2024/03/CVE-2024-1604 https://cert.pl/posts/2024/03/CVE-2024-1604 https://www.bmc.com/it-solutions/control-m.html • CWE-276: Incorrect Default Permissions CWE-284: Improper Access Control •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-1604 – Incorrect authorization in BMC Control-M
https://notcve.org/view.php?id=CVE-2024-1604
Improper authorization in the report management and creation module of BMC Control-M branches 9.0.20 and 9.0.21 allows logged-in users to read and make unauthorized changes to any reports available within the application, even without proper permissions. The attacker must know the unique identifier of the report they want to manipulate. Fix for 9.0.20 branch was released in version 9.0.20.238. Fix for 9.0.21 branch was released in version 9.0.21.201. La autorización inadecuada en el módulo de creación y gestión de informes de las ramas 9.0.20 y 9.0.21 de BMC Control-M permite a los usuarios registrados leer y realizar cambios no autorizados en cualquier informe disponible dentro de la aplicación, incluso sin los permisos adecuados. El atacante debe conocer el identificador único del informe que quiere manipular. • https://cert.pl/en/posts/2024/03/CVE-2024-1604 https://cert.pl/posts/2024/03/CVE-2024-1604 https://www.bmc.com/it-solutions/control-m.html • CWE-639: Authorization Bypass Through User-Controlled Key CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35593
https://notcve.org/view.php?id=CVE-2020-35593
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host. BMC PATROL Agent hasta 20.08.00 permite la escalada de privilegios locales a través de vectores que involucran pconfig +RESTART -host. • http://web.archive.org/web/20210106175128/https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593 https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593 https://webapps.bmc.com/support/faces/az/prodallversions.jsp?seqid=304517 https://www.securifera.com/advisories https://www.securifera.com/blog/2021/03/08/bmc-patrol-agent-domain-user-to-domain-admin-part-2 • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9453
https://notcve.org/view.php?id=CVE-2017-9453
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass. BMC Server Automation anterior a 8.9.01 parche 1 permite la ejecución del comando Process Spawner debido a la omisión de autenticación. • https://docs.bmc.com/docs/serverautomation/2002/notification-of-critical-security-issue-in-bmc-server-automation-cve-2017-9453-1020706453.html • CWE-863: Incorrect Authorization •