CVE-2019-4061
Vexday Risk Score
33 · Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 5.3 · EPSS 22.5% · KEV: no · PoC: — · Nuclei: yes · Metasploit: yes · Patch: —
Lifecycle
27 Feb 2019: Published on NVD
18 Mar 2019: Metasploit module available
Recommendation: Plan a near-term fix — a public PoC already exists.
In short
IBM BigFix Platform versions 9.2 and 9.5 allow attackers to remotely query relay servers without authentication to discover what updates and security patches are deployed across the network. This information leak can help attackers plan targeted attacks against known vulnerabilities.
Technical detail
An unauthenticated attacker can query the BigFix relay server remotely to enumerate deployed fixlets and updates across associated sites due to missing authentication controls. This information disclosure vulnerability enables reconnaissance of the target environment's patch status and security posture without requiring credentials.
Summary generated and translated by AI from the official description.
IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Affected products
IBM · BigFix Platform