CVE-2024-34398

Medium CVSS: 4.2

An issue was discovered in BMC Remedy Mid Tier 7.6.04. The web application allows stored HTML Injection by authenticated remote attackers.

Vendor

Product

CWE

Yayın Tarihi

2025-03-12 17:15:41

Güncelleme

2025-10-14 18:04:19

Source Identifier

cve@mitre.org

KEV Date Added

CWE-80 Remedy Mid-tier MEDIUM Bmc 2025

https://www.gruppotim.it/it/footer/red-team.html

Medium

CVE-2025-55117

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL…

Critical

CVE-2025-55115

A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the syst…

Critical

CVE-2025-55116

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the sys…

Critical

CVE-2025-55113

If the Access Control List is enforced by the Control-M/Agent and the C router is in use (default in Out-of-support Cont…

High

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported versions) that are configu…

Medium

CVE-2025-55111

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 t…