CVE-2019-4061
Last modified
CVE-2019-4061 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.. EPSS estimates a 22.55% chance of exploitation in the next 30 days.
Description
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Bigfix Platform | >= 9.2, <= 9.2.16 |
| Ibm | Bigfix Platform | >= 9.5, <= 9.5.11 |
References
- http://www.ibm.com/support/docview.wss?uid=ibm10870242Broken Link, Vendor Advisory
- http://www.rapid7.com/db/modules/auxiliary/gather/ibm_bigfix_sites_packages_enumThird Party Advisory
- http://www.securityfocus.com/bid/107189Broken Link, Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156869VDB Entry, Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=ibm10870242Broken Link, Vendor Advisory
- http://www.rapid7.com/db/modules/auxiliary/gather/ibm_bigfix_sites_packages_enumThird Party Advisory
- http://www.securityfocus.com/bid/107189Broken Link, Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/156869VDB Entry, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-4061?
How severe is CVE-2019-4061?
How do I fix CVE-2019-4061?
Are you affected by CVE-2019-4061?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST