CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-4013

CRITICAL
9.0
CVSS Severity Score
EPSS Score0.1780%
EPSS Percentile26.51th
Published2019年4月10日
Last Modified2024年11月21日

Vulnerability Description

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.

Affected Platforms (CPE)

📦
Ibm

Bigfix Platform

>= 9.5.0 and <= 9.5.11

References & Advisories

🔗 http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html
🔗 http://www.ibm.com/support/docview.wss?uid=ibm10874666
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/155887
🔗 http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html
🔗 http://www.ibm.com/support/docview.wss?uid=ibm10874666
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/155887

相關漏洞威脅

CVE-2016-608210.0

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free race conditi...

CVE-2018-14759.8

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force accou...

CVE-2018-14798.8

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

CVE-2016-02918.8

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by ...