PT-2019-16841 · Ibm · Ibm Bigfix Platform

Published

2019-04-10

Updated

2019-10-07

CVE-2019-4013

CVSS v3.1

9.9

Critical

Vector

AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM BigFix Platform version 9.5

Description The issue allows any authenticated user to upload files to any location on the server with root privileges, resulting in code execution on the underlying system with root privileges.

Recommendations For IBM BigFix Platform version 9.5, update to a version that includes a fix for this issue to prevent code execution with root privileges.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2019-4013

Affected Products

Ibm Bigfix Platform

PT-2019-16841 · Ibm · Ibm Bigfix Platform

CVE-2019-4013

Weakness Enumeration

Related Identifiers

Affected Products

References · 6