Vulnerability Description
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Bigfix Platform | >= 9.5.0, <= 9.5.11 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitar
- http://www.ibm.com/support/docview.wss?uid=ibm10874666Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/155887VDB EntryVendor Advisory
- http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitar
- http://www.ibm.com/support/docview.wss?uid=ibm10874666Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/155887VDB EntryVendor Advisory
FAQ
What is CVE-2019-4013?
CVE-2019-4013 is a vulnerability with a CVSS score of 9.0 (CRITICAL). IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileg...
How severe is CVE-2019-4013?
CVE-2019-4013 has been rated CRITICAL with a CVSS base score of 9.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-4013?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Bigfix Platform.