Vulnerability Description
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Bigfix Platform | >= 9.2, <= 9.2.16 |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=ibm10870242Broken LinkVendor Advisory
- http://www.rapid7.com/db/modules/auxiliary/gather/ibm_bigfix_sites_packages_enumThird Party Advisory
- http://www.securityfocus.com/bid/107189Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156869VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=ibm10870242Broken LinkVendor Advisory
- http://www.rapid7.com/db/modules/auxiliary/gather/ibm_bigfix_sites_packages_enumThird Party Advisory
- http://www.securityfocus.com/bid/107189Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156869VDB EntryVendor Advisory
FAQ
What is CVE-2019-4061?
CVE-2019-4061 is a vulnerability with a CVSS score of 5.3 (MEDIUM). IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authentica...
How severe is CVE-2019-4061?
CVE-2019-4061 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-4061?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Bigfix Platform.