Vulnerability — CVE-2023-26550

CVE-2023-26550

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-26550
Description:: A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field.
Last updated date:: 03/07/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/07/2023
Reference url to background: https://www.synacktiv.com/sites/default/files/2023-02/Synacktiv-ControlM-Multiple-Vulnerabilities.pdf