All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-10540
MEDIUMpublished 2026-07-01 08:16 UTC · 3 days ago · modified 2026-07-01 19:59 UTC
5.6
CVSS / 10
// description
The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions
// weaknesses (CWE)
- CWE-328