CNNVD-202509-2509 Information
CNNVD ID
CNNVD-202509-2509
Related CVE
- CNNVD Published: 2025-09-16
Description (Chinese)
BMC Control-M是BMC公司的一个应用程序。简化了本地或作为服务的应用程序和数据工作流编排。 BMC Control-M/Agent 9.0.20版本和9.0.21版本和9.0.22版本存在安全漏洞,该漏洞源于SSL/TLS通信配置错误时格式化错误消息存在基于栈的缓冲区溢出,可能导致远程触发。
Description (English)
BMC Control-M is an application of BMC. Simplified local or service-based applications and data workflow. BMC Control-M/Agent versions 9.0.20 and 9.0.21 and 9.0.22 have security loopholes, which stem from the proliferation of cage-based buffers that can be triggered remotely by misformatted messages when SSL/TLS communication configuration is wrong.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
BMC
Published
2025-09-16
Last Modified
2026-02-24
References
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099 https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441972 https://access.redhat.com/security/cve/cve-2025-55117
Patch
https://www.bmc.com/available/edownloads.html
Share on: