CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
Description
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass vulnerability due to improper enforcement of security filters on restricted REST API endpoints and servlets. Unauthenticated remote attackers can bypass access controls to invoke restricted functionality and gain unauthorized access to application data and modify system resources. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
Analysis
BMC FootPrints ITSM contains an authentication bypass vulnerability allowing unauthenticated remote attackers to access restricted REST API endpoints and servlets without proper authorization. Affected versions range from 20.20.02 through 20.24.01.001, enabling attackers to invoke restricted functionality, access application data, and modify system resources. A public proof-of-concept exploit has been published by watchTowr Labs demonstrating pre-authentication remote code execution chains, significantly elevating the real-world risk.
Technical Context
This vulnerability affects BMC FootPrints ITSM (IT Service Management), identified by CPE cpe:2.3:a:bmc_software,_inc.:footprints. The root cause is classified as CWE-306 (Missing Authentication for Critical Function), where security filters fail to properly enforce authentication requirements on restricted REST API endpoints and servlet interfaces. FootPrints ITSM is an enterprise IT service management platform that provides ticketing, asset management, and workflow automation capabilities. The improper enforcement of security controls allows direct invocation of privileged functionality that should require authenticated sessions, bypassing the application's intended access control mechanisms at the web application layer.
Affected Products
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 are affected by this authentication bypass vulnerability. The affected product is confirmed via CPE identifier cpe:2.3:a:bmc_software,_inc.:footprints. Specific vulnerable versions include all releases in the 20.20.x, 20.21.x, 20.22.x, 20.23.x, and 20.24.x series up to and including 20.24.01.001. Organizations running any FootPrints ITSM deployment within this version range should consider themselves exposed to unauthenticated remote exploitation. Detailed release notes and remediation guidance are available at https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/.
Remediation
Apply the appropriate hotfix from BMC Software immediately based on your deployed version: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, or 20.24.01 as documented in the vendor release notes at https://docs.bmc.com/xwiki/bin/view/More-Products/Footprints/FootPrints/fp2024/Release-notes/2024-Release-01-Patch-2/. Given the availability of public exploit code, patching should be prioritized as an emergency change. As an interim mitigation until patching is complete, restrict network access to FootPrints ITSM instances to trusted IP ranges only, implement network segmentation to limit exposure, and monitor for unauthorized API access attempts in application logs. Disable or restrict external network access to REST API endpoints if business operations permit.
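The interim mitigation above asks for a trusted-IP allow list and log monitoring for unauthorized API access. The following is an added example (not from the advisory or from BMC) that flags access-log requests to restricted REST or servlet paths that either carry no authenticated user or originate outside the trusted ranges; the trusted ranges, the `/rest/` and `/servlet/` path prefixes, and the sample log lines are assumptions, not FootPrints specifics.

```python
import ipaddress
import re

# Assumed (not from the advisory): trusted management ranges and the path
# prefixes that count as restricted REST/servlet endpoints in the access log.
TRUSTED_RANGES = [ipaddress.ip_network("10.0.0.0/8"),
                  ipaddress.ip_network("192.168.50.0/24")]
RESTRICTED_PATH = re.compile(r"^/(?:rest|servlet)/", re.IGNORECASE)
# Common Log Format: host ident authuser [date] "method path proto" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def is_trusted(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_RANGES)

def flag_suspicious(lines):
    """Return (ip, path, status, reasons) for requests to restricted paths
    that lack an authenticated user ('-') or come from an untrusted source."""
    findings = []
    for line in lines:
        e = parse_line(line)
        if not e or not RESTRICTED_PATH.match(e["path"]):
            continue
        reasons = []
        if e["user"] == "-":
            reasons.append("unauthenticated")
        if not is_trusted(e["ip"]):
            reasons.append("untrusted-source")
        if reasons:
            findings.append((e["ip"], e["path"], e["status"], reasons))
    return findings

# Constructed sample log lines; not real FootPrints ITSM logs.
SAMPLE_LOG = [
    '10.0.4.7 - jdoe [12/Mar/2025:10:01:02 +0000] "GET /rest/tickets HTTP/1.1" 200 512',
    '203.0.113.9 - - [12/Mar/2025:10:01:05 +0000] "GET /rest/tickets HTTP/1.1" 200 8192',
    '203.0.113.9 - - [12/Mar/2025:10:01:06 +0000] "POST /servlet/admin HTTP/1.1" 200 77',
    '10.0.4.7 - - [12/Mar/2025:10:02:00 +0000] "GET /login HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for finding in flag_suspicious(SAMPLE_LOG):
        print(finding)
```

A 200 response on a restricted path with no authenticated user is the pattern worth alerting on; adjust the path prefixes to match your deployment's actual restricted endpoints.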
EUVD-2025-208871