CNNVD-202509-2518 Information
CNNVD ID
CNNVD-202509-2518
Related CVE
- CNNVD Published: 2025-09-16
Description (Chinese)
BMC Control-M是BMC公司的一个应用程序。简化了本地或作为服务的应用程序和数据工作流编排。 BMC Control-M 9.0.18版本至9.0.20版本及之前不受支持的版本存在安全漏洞,该漏洞源于文件权限设置过于宽松,可能导致本地攻击者访问包含密钥和密码的文件。
Description (English)
BMC Control-M is an application of BMC. Simplified local or service-based applications and data workflow. There is a security loophole in BMC Control-M versions 9.0.18 to 9.0.20 and previously unsupported versions, which stems from too loose a file permission set, which may lead local assailants to access documents containing keys and passwords.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
BMC
Published
2025-09-16
Last Modified
2026-02-24
References
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441965 https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099 https://access.redhat.com/security/cve/cve-2025-55111
Patch
https://www.bmc.com/available/edownloads.html
Share on: