CVE-2025-71259 Scanner

CVE-2025-71259 Scanner - Server-Side Request Forgery (SSRF) vulnerability in BMC FootPrints

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 13 days 17 hours
Scan only one: Domain, Subdomain, IPv4

BMC FootPrints is commonly used by IT departments and organizations for managing service desk requests, incidents, and changes within IT services. This platform aids various businesses in handling both internal and external service operations efficiently. It's prominent in sectors requiring robust IT service management solutions, such as healthcare, finance, and education. Administrators and IT professionals utilize FootPrints to streamline service desk operations and improve customer satisfaction. The software is intended to enhance the effectiveness of service management by integrating various tools and automation. Additionally, it's designed to facilitate compliance with ITIL standards and improve management's visibility into IT performance.

The vulnerability detected in BMC FootPrints is a Server-Side Request Forgery (SSRF) flaw. SSRF vulnerabilities occur when an attacker tricks a server into initiating requests to unintended locations. In this instance, unauthenticated attackers can leverage the 'feedUrl' parameter to make HTTP requests via the server to arbitrary URLs. Consequently, this can lead to unauthorized access to internal services, and potentially circumvent firewall protections. The vulnerability is serious, as it's part of a pre-authenticated RCE chain in conjunction with other CVEs. It highlights a critical gap in managing how external requests are handled by the server.

Technically, the issue lies within the /footprints/servicedesk/externalfeed/RSS endpoint of BMC FootPrints. The server processes the 'feedUrl' parameter without sufficient validation, allowing arbitrary external requests. This could enable attackers to interact with otherwise unreachable network resources by controlling the server's outgoing requests. This SSRF vulnerability could be exploited to gather sensitive internal data or use the server as a pivot for further network penetration. The risk is elevated when combined with other vulnerabilities to execute more potent attacks.

The possible effects of exploiting this SSRF vulnerability include unauthorized network scanning and possible retrieval of sensitive information from internal resources. Malicious actors could potentially map the internal network, gain access to protected services, or exfiltrate data through manipulated server requests. Moreover, exploiting SSRF can facilitate further attacks such as Remote Code Execution (RCE) when combined with other vulnerabilities. Organizations can face significant security breaches and data loss if this vulnerability is left unmitigated.
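As an added example (not part of the original page and not the scanner's own code), the Python below reviews web access logs for requests to the endpoint described above and labels where each 'feedUrl' value would send the server. It assumes a combined-format access log, a 'feedUrl' carried in the query string, and a hypothetical rule for which hostnames count as internal; the sample log lines are constructed.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/footprints/servicedesk/externalfeed/rss"  # path named on the page, lower-cased
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')

def classify_target(feed_url):
    """Label the destination a feedUrl value would make the server contact."""
    try:
        parts = urlsplit(feed_url)
    except ValueError:
        return "unparseable"
    if parts.scheme.lower() not in ("http", "https"):
        return "non-http-scheme"
    host = (parts.hostname or "").lower()
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal; the internal-name rule is an assumption, adapt to local DNS zones.
        internal = "." not in host or host.endswith((".local", ".internal"))
        return "internal-name" if internal else "external-name"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    return "private" if ip.is_private else "external-ip"

def find_feedurl_requests(log_lines):
    """Return (client, status, feed_url, label) for each hit on the endpoint."""
    hits = []
    for line in log_lines:
        m = REQUEST.match(line)
        path, _, query = m.group(2).partition("?") if m else ("", "", "")
        if path.rstrip("/").lower() != ENDPOINT:
            continue
        client, status = m.group(1), int(m.group(3))
        for key, values in parse_qs(query).items():  # parse_qs percent-decodes values
            if key.lower() == "feedurl":
                hits += [(client, status, v, classify_target(v)) for v in values]
    return hits

# Constructed sample lines (documentation client addresses), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Jan/2026:10:00:01 +0000] "GET /footprints/servicedesk/externalfeed/RSS?feedUrl=http%3A%2F%2F127.0.0.1%3A8080%2Ffeed HTTP/1.1" 200 512',
    '203.0.113.7 - - [02/Jan/2026:10:00:03 +0000] "GET /footprints/servicedesk/externalfeed/RSS?feedUrl=http://10.0.0.5/status HTTP/1.1" 200 128',
    '198.51.100.4 - - [02/Jan/2026:10:05:00 +0000] "GET /footprints/servicedesk/externalfeed/RSS?feedUrl=https://news.example.org/feed.xml HTTP/1.1" 200 2048',
    '198.51.100.4 - - [02/Jan/2026:10:05:09 +0000] "GET /footprints/ HTTP/1.1" 200 900',
]
```

Because the page describes the flaw as reachable without authentication, every hit on this endpoint from an untrusted client merits review; the label only helps prioritise the ones aimed at loopback, link-local, private or internal-name destinations.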
