← voltar
CVE-2025-55114

BMC Control-M/Agent improper IP address filtering order

CVSS 6.9 MEDIUMEPSS 0.4%CWE-696
The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions (e.g. CVE-2025-55117 or CVE-2025-55118) or potentially to resource exhaustion.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Produtos afetados
BMC · Control-M/Agent

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000441968https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=000442099