Security Advisory

CVE-2023-39122

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-31 00:00:00

Last updated 2024-10-22 15:35:35

Assigner mitre

State PUBLISHED

Description

BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200).

← Browse all CVEs View on cve.org ↗