CVE-2019-4061
In short
IBM BigFix Platform versions 9.2 and 9.5 allow attackers to remotely query relay servers without authentication to discover what updates and security patches are deployed across the network. This information leak can help attackers plan targeted attacks against known vulnerabilities.
Technical detail
An unauthenticated attacker can query the BigFix relay server remotely to enumerate deployed fixlets and updates across associated sites due to missing authentication controls. This information disclosure vulnerability enables reconnaissance of the target environment's patch status and security posture without requiring credentials.
Summary generated and translated by AI from the official description.
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Affected products
IBM · BigFix Platform