CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-1475

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile33.49th
Published2018年4月27日
Last Modified2024年11月21日

Vulnerability Description

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 140756.

Affected Platforms (CPE)

📦
Ibm

Bigfix Platform

>= 9.2 and <= 9.2.13
📦
Ibm

Bigfix Platform

>= 9.5 and <= 9.5.8

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg22015754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140756
🔗 http://www.ibm.com/support/docview.wss?uid=swg22015754
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140756

相关漏洞威胁

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2019-40139.0

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. ...

CVE-2018-14798.8

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

CVE-2016-02918.8

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by ...