IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HIBM Bigfix Platform
APPIbm9.5.0 – 9.5.11
Related vulnerabilities
IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker ...
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords ...
IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-aft...
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication...
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to e...