← Back to CVE List

CVE-2023-39122

Published: 2023-07-31T23:15Z
Last Modified: 2024-11-21T08:14Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt