🔴 严重 | CVE-2026-10539 — A Control-M/Server communication command does not ...
🔴 《严重安全漏洞:CVE-2026-10539》
CVSS 评分: 严重(9.5) 状态: Awaiting Analysis 发布时间: 2026-07-01
漏洞描述
A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input. Under certain conditions, this issue may allow an unauthenticated attacker to execute unauthorized commands on the affected server, potentially leading to compromise of the server.
This vulnerability affects Control-M/Server versions 9.0.20.x to 9.0.21.200 (included) and potentially earlier unsupported versions.
🔍 技术细节
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-10539 |
| CVSS 评分 | 9.5 🔴 |
| 严重程度 | 严重 |
| CVSS 向量 | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| CWE 分类 | CWE-305 |
| 发布时间 | 2026-07-01 |
| 最后更新 | 2026-07-01 |
| 状态 | Awaiting Analysis |
🔗 参考链接
🤖 本文由 CVE 安全快讯机器人自动生成 | 数据来源: NVD
💬 评论