PT-2019-16841 · Ibm · Ibm Bigfix Platform

Publicado

2019-04-10

Atualizado

2019-10-07

CVE-2019-4013

CVSS v3.1

9.9

Crítica

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM BigFix Platform version 9.5

Description The issue allows any authenticated user to upload files to any location on the server with root privileges, resulting in code execution on the underlying system with root privileges.

Recommendations For IBM BigFix Platform version 9.5, update to a version that includes a fix for this issue to prevent code execution with root privileges.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2019-4013

Produtos afetados

Ibm Bigfix Platform

PT-2019-16841 · Ibm · Ibm Bigfix Platform

CVE-2019-4013

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6