CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-1479

HIGH
8.8
CVSS Severity Score
EPSS Score0.1570%
EPSS Percentile20.14th
Published2018年4月27日
Last Modified2024年11月21日

Vulnerability Description

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 140761.

Affected Platforms (CPE)

📦
Ibm

Bigfix Platform

>= 9.2 and <= 9.2.13
📦
Ibm

Bigfix Platform

>= 9.5 and <= 9.5.8

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg22015754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140761
🔗 http://www.ibm.com/support/docview.wss?uid=swg22015754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140761

関連する脆弱性情報

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2018-14759.8

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force accou...

CVE-2019-40139.0

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. ...

CVE-2016-02918.8

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by ...