CVE-2025-71258
Published: 19 March 2026
Summary
CVE-2025-71258 is a medium-severity SSRF (CWE-918) vulnerability in Bmc Footprints Itsm. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Network Service Discovery (T1046); ranked in the top 16.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component. The flaw stems from improper URL validation that permits an authenticated user to induce the server to issue arbitrary outbound HTTP requests, corresponding to CWE-918.
An authenticated attacker can supply crafted URLs to the searchWeb endpoint, causing the application to scan internal hosts, interact with internal services, or otherwise affect availability. The CVSS 5.3 rating reflects network-accessible exploitation with low attack complexity and limited impact confined to availability.
Vendor advisories list specific hotfixes that remediate the issue across the affected release branches, including 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01. Public references from BMC and third-party researchers provide patch details and additional context on related attack chains.
EPSS for the CVE rose from a low baseline to a peak of 0.0340, indicating emerging exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208873
Vulnerability details
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a blind server-side request forgery vulnerability in the searchWeb API component that allows authenticated attackers to cause the server to initiate arbitrary outbound requests. Attackers can exploit improper URL validation to perform…
more
internal network scanning or interact with internal services, impacting system availability. The following hotfixes remediate the vulnerability: 20.20.02, 20.20.03.002, 20.21.01.001, 20.21.02.002, 20.22.01, 20.22.01.001, 20.23.01, 20.23.01.002, and 20.24.01.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Blind SSRF enables internal network/service scanning from the compromised server via arbitrary outbound requests.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the SSRF vulnerability by requiring timely application of BMC's specified hotfixes for affected FootPrints ITSM versions.
Addresses the root cause of improper URL validation in the searchWeb API by enforcing validation of inputs to prevent arbitrary outbound server requests.
Mitigates exploitation by monitoring and controlling outbound communications from the server to block unauthorized internal network scanning or service interactions.