CyberSec.Space Logo
Back to CVE Browser

CVE-2018-1479

HIGH
8.8
CVSS Severity Score
EPSS Score0.1570%
EPSS Percentile20.14th
PublishedApr 27, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 140761.

Affected Platforms (CPE)

πŸ“¦
Ibm

Bigfix Platform

>= 9.2 and <= 9.2.13
πŸ“¦
Ibm

Bigfix Platform

>= 9.5 and <= 9.5.8

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22015754
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/140761
πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22015754
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/140761

Related Vulnerabilities

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2018-14759.8

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force accou...

CVE-2019-40139.0

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. ...

CVE-2016-02918.8

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by ...