The BigFix Platform (WebReports) could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.
CVE(s): CVE-2016-0396
Affected product(s) and affected version(s):
BigFix Platform version 9.0
BigFix Platform version 9.1
BigFix Platform version 9.2
BigFix Platform version 9.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fPpDoC
X-Force Database: http://ift.tt/2fvPH3Z
from IBM Product Security Incident Response Team http://ift.tt/2fPtVMJ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.