CVE-2019-4013

Sažetak

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.

Reference

http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html
http://www.ibm.com/support/docview.wss?uid=ibm10874666
https://exchange.xforce.ibmcloud.com/vulnerabilities/155887

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

07-10-2019 - 17:15

Objavljeno

10-04-2019 - 15:29