EUVD-2026-21371

| CVE-2026-23782
2026-04-10 mitre GHSA-83mf-f2q6-j3gg

Lifecycle Timeline

2
EUVD ID Assigned
Apr 10, 2026 - 14:45 euvd
EUVD-2026-21371
CVE Published
Apr 10, 2026 - 00:00 nvd
N/A

Tags

Authentication Bypass Information Disclosure N A

Description

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. With these exposed secrets, an attacker could invoke privileged API operations, potentially leading to unauthorized access.

Analysis

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

0
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0

Share

EUVD-2026-21371 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy