Vulnerabilities

CVE-2025-48709

by Fred · 07/08/2025

An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database connection, it runs DBUStatus.exe frequently, which then calls dbu_connection_details.vbs with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations.

Assigner : cve@mitre.org

More information : https://bmc.com

Similar

Tags: Cybersecurity Alert