VYPR

Footprints Itsm

by BMC Software

CVEs (4)

  • CVE-2025-71260HigMar 19, 2026
    risk 0.60cvss 8.8epss 0.34

    BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the…

  • CVE-2025-71257HigMar 19, 2026
    risk 0.48cvss 7.3epss 0.04

    BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability due to improper enforcement of security filters on restricted REST API endpoints and servlets. Unauthenticated remote attackers can bypass access controls to invoke…

  • CVE-2025-71259MedMar 19, 2026
    risk 0.28cvss 4.3epss 0.13

    BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the externalfeed/RSS API component that allows authenticated attackers to trigger arbitrary outbound requests from the server. Attackers can exploit…

  • CVE-2025-71258MedMar 19, 2026
    risk 0.28cvss 4.3epss 0.17

    BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL…