IBM BigFix Remote Control could allow a local user to use the component to replace files to which they do not have write access and could be executed with Local System or root privileges.
CVE(s): CVE-2017-1233
Affected product(s) and affected version(s):
IBM BigFix Remote Control version 9.1.4
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22011765
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/123912
The post IBM Security Bulletin: Privileged escalation in IBM BigFix Remote Control (CVE-2017-1233) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2nlOfqg
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.