VYPR
Get started
← All vendors
Vendor

BMC Software

Sign in to watch

BMC Software, Inc. is an American multinational information technology (IT) services and consulting, and enterprise software company. In 2025, the company's Helix product was spun off into the independent IT service and operations-focused company BMC Helix. Both companies are owned by KKR and based in Houston, Texas.

Founded 1980
Products
19
CVEs
29
Across products
71
Status
Private

Products

19

Recent CVEs

29
CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2026-23781Cri0.649.80.00Apr 10, 2026An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A set of default debug user credentials is hardcoded in cleartext within the application package. If left unchanged, these credentials can be easily obtained and may allow unauthorized access to the MFT API debug interface.
CVE-2016-4322Cri0.649.80.02Dec 13, 2016BMC BladeLogic Server Automation (BSA) before 8.7 Patch 3 allows remote attackers to bypass authentication and consequently read arbitrary files or possibly have unspecified other impact by leveraging a "logic flaw" in the authentication process.
CVE-2025-71260Hig0.608.80.35Mar 19, 2026BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the VIEWSTATE parameter to achieve remote code execution and fully compromise the application. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
CVE-2026-23780Hig0.578.80.00Apr 10, 2026An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable arbitrary file read/write operations and potentially lead to remote code execution.
CVE-2017-13130Hig0.517.80.00Aug 23, 2017mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
CVE-2016-9638Hig0.517.80.00Dec 2, 2016In BMC Patrol before 9.13.10.02, the binary "listguests64" is configured with the setuid bit. However, when executing it, it will look for a binary named "virsh" using the PATH environment variable. The "listguests64" program will then run "virsh" using root privileges. This allows local users to elevate their privileges to root.
CVE-2026-23782Hig0.497.50.00Apr 10, 2026An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. With these exposed secrets, an attacker could invoke privileged API operations, potentially leading to unauthorized access.
CVE-2025-71257Hig0.497.30.16Mar 19, 2026BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability due to improper enforcement of security filters on restricted REST API endpoints and servlets. Unauthenticated remote attackers can bypass access controls to invoke restricted functionality and gain unauthorized access to application data and modify system resources. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
CVE-2014-9514Med0.406.10.00Aug 28, 2017Cross-site scripting (XSS) vulnerability in BMC Footprints Service Core 11.5.
CVE-2025-71259Med0.284.30.03Mar 19, 2026BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the externalfeed/RSS API component that allows authenticated attackers to trigger arbitrary outbound requests from the server. Attackers can exploit insufficient validation of externally supplied resource references to interact with internal services or cause resource exhaustion impacting availability. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
CVE-2025-71258Med0.284.30.02Mar 19, 2026BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to perform internal network scanning or interact with internal services, impacting system availability. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
CVE-2014-48720.100.82Oct 10, 2014BMC Track-It! 11.3.0.355 does not require authentication on TCP port 9010, which allows remote attackers to upload arbitrary files, execute arbitrary code, or obtain sensitive credential and configuration information via a .NET Remoting request to (1) FileStorageService or (2) ConfigurationService.
CVE-2014-82700.080.66Dec 12, 2014BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.
CVE-2014-48740.040.16Oct 10, 2014BMC Track-It! 11.3.0.355 allows remote authenticated users to read arbitrary files by visiting the TrackItWeb/Attachment page.
CVE-2014-48730.030.05Oct 10, 2014SQL injection vulnerability in TrackItWeb/Grid/GetData in BMC Track-It! 11.3.0.355 allows remote authenticated users to execute arbitrary SQL commands via crafted POST data.
CVE-2013-49460.030.01Jul 29, 2013Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage parameter to commonhelp.aspx.
CVE-2013-49450.030.00Jul 29, 2013Multiple SQL injection vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to execute arbitrary SQL commands via the (1) ASPSESSIONIDASSRATTQ, (2) TABLE_WIDGET_1, (3) TABLE_WIDGET_2, (4) browserDateTimeInfo, or (5) browserNumberInfo cookie parameter to DashBoardGUI.aspx; or the (6) UID parameter to login.aspx.
CVE-2012-29590.030.00Jun 11, 2012Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
CVE-1999-14600.030.00Jul 13, 1999BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
CVE-2011-09750.020.22Feb 10, 2011Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 through 7.5.10; Performance Analyzer and Performance Predictor for Servers 7.4.00 through 7.5.10; and Capacity Management Essentials 1.2.00 (7.4.15) allows remote attackers to execute arbitrary code via a crafted length value in a BGS_MULTIPLE_READS command to TCP port 6768.