CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-0291

HIGH
8.8
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile29.76th
Published2018年2月28日
Last Modified2024年11月21日

Vulnerability Description

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access. IBM X-Force ID: 111302.

Affected Platforms (CPE)

📦
Ibm

Bigfix Platform

>= 9.1 and < 9.1.8
📦
Ibm

Bigfix Platform

>= 9.2 and < 9.2.8
📦
Ibm

Bigfix Platform

= 9.0

References & Advisories

🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21985748
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/111302
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21985748
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/111302

関連する脆弱性情報

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2018-14759.8

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force accou...

CVE-2019-40139.0

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. ...

CVE-2018-14798.8

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...