Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable arbitrary file read/write operations and potentially lead to remote code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BMC Control-M/MFT 安全漏洞
Vulnerability Description
BMC Control-M/MFT是美国BMC公司的一款企业级文件传输与作业调度集成管理的自动化软件。 BMC Control-M/MFT 9.0.22及之前版本存在安全漏洞,该漏洞源于MFT API调试接口存在输入验证不当和动态SQL处理不安全,可能导致SQL注入、任意文件读写和远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A