Multiple vulnerabilities were reported in BMC Control-M before 9.0.20.214 by researcher Guillaume Jacques from synacktiv
- Multiple SQL injections
- Denial of service
- Multiple Java exception information leaks
- Denial of service
- Multiple Java exception information leaks
link: https://www.synacktiv.com/sites/default/files/2023-02/Synacktiv-ControlM-Multiple-Vulnerabilities.pdf
AFAIK, no cve are assigned yet.
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/