CVE-2025-55111

Medium CVSS: 5.7

Certain files with overly permissive permissions were identified in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions as well as in newer versions which were upgraded from an affected version. These files contain keys and passwords relating to SSL files, keystore and policies. An attacker with local access to the system running the Agent can access these files.

Vendor

Bmc

Product

Control-m\/agent

CWE

CWE-276

Yayın Tarihi

2025-09-16 13:16:05

Güncelleme

2025-09-29 12:08:29

Source Identifier

cert@airbus.com

KEV Date Added

Kategoriler

CWE-276 Control-m\/agent MEDIUM Bmc 2025

Referanslar

https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441965 https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099

Benzer Kayıtlar

Medium

CVE-2025-55117

A stack-based buffer overflow can be remotely triggered when formatting an error message in the Control-M/Agent when SSL…

Critical

CVE-2025-55115

A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the syst…

Critical

CVE-2025-55116

A buffer overflow in the Control-M/Agent can lead to a local privilege escalation when an attacker has access to the sys…

Critical

CVE-2025-55113

If the Access Control List is enforced by the Control-M/Agent and the C router is in use (default in Out-of-support Cont…

High

CVE-2025-55112

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported versions) that are configu…

Critical

CVE-2025-55109

An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potent…