CVE-2026-10540
EUVD-2026-4093301.07.2026, 08:16
The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versionsEnginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| bmc | control-m | 9.0.20 ≤ 𝑥 < 9.0.21 | CNA |