CyberSec.Space Logo
Back to CVE Browser

CVE-2016-0291

HIGH
8.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile29.76th
PublishedFeb 28, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302.

Affected Platforms (CPE)

πŸ“¦
Ibm

Bigfix Platform

>= 9.1 and < 9.1.8
πŸ“¦
Ibm

Bigfix Platform

>= 9.2 and < 9.2.8
πŸ“¦
Ibm

Bigfix Platform

= 9.0

References & Advisories

πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21985748
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/111302
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21985748
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/111302

Related Vulnerabilities

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2018-14759.8

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force accou...

CVE-2019-40139.0

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. ...

CVE-2018-14798.8

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...