The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions
Metrics
Affected Vendors & Products
References
History
Wed, 01 Jul 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions | |
| Title | Weak password hash protection in Control-M/Entreprise Manager | |
| Weaknesses | CWE-328 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: airbus
Published:
Updated: 2026-07-01T07:52:10.618Z
Reserved: 2026-06-01T12:16:12.516Z
Link: CVE-2026-10540
No data.
No data.
No data.
OpenCVE Enrichment
No data.