cvelist/2019/4xxx/CVE-2019-4013.json

{
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "value": "Gain Privileges",
                        "lang": "eng"
                    }
                ]
            }
        ]
    },
    "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "STATE": "PUBLIC",
        "DATE_PUBLIC": "2019-03-11T00:00:00",
        "ID": "CVE-2019-4013"
    },
    "impact": {
        "cvssv3": {
            "BM": {
                "AC": "L",
                "C": "H",
                "UI": "R",
                "A": "H",
                "I": "H",
                "PR": "L",
                "S": "C",
                "AV": "N",
                "SCORE": "9.000"
            },
            "TM": {
                "RC": "C",
                "RL": "O",
                "E": "U"
            }
        }
    },
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "value": "IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.",
                "lang": "eng"
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "BigFix Platform",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "9.5"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "IBM"
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
                "refsource": "CONFIRM",
                "name": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",
                "title": "IBM Security Bulletin 874666 (BigFix Platform)"
            },
            {
                "refsource": "XF",
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155887",
                "title": "X-Force Vulnerability Report",
                "name": "ibm-bigfix-cve2019-4013-code-exec (155887)"
            },
            {
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html",
                "url": "http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html"
            }
        ]
    },
    "data_type": "CVE",
    "data_format": "MITRE"
}
- Synchronized data. 2019-01-03 15:04:29 -05:00			`{`
"-Synchronized-Data." 2019-04-10 15:00:45 +00:00			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"value": "Gain Privileges",`
			`"lang": "eng"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@us.ibm.com",`
			`"STATE": "PUBLIC",`
			`"DATE_PUBLIC": "2019-03-11T00:00:00",`
			`"ID": "CVE-2019-4013"`
			`},`
			`"impact": {`
			`"cvssv3": {`
			`"BM": {`
			`"AC": "L",`
			`"C": "H",`
			`"UI": "R",`
			`"A": "H",`
			`"I": "H",`
			`"PR": "L",`
			`"S": "C",`
			`"AV": "N",`
			`"SCORE": "9.000"`
			`},`
			`"TM": {`
			`"RC": "C",`
			`"RL": "O",`
			`"E": "U"`
			`}`
			`}`
			`},`
			`"data_version": "4.0",`
			`"description": {`
			`"description_data": [`
			`{`
			`"value": "IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.",`
			`"lang": "eng"`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "BigFix Platform",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "9.5"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "IBM"`
			`}`
IBM20190410-10810 Added CVE-2018-1903, CVE-2019-4013, CVE-2018-1994 2019-04-10 10:08:10 -04:00			`]`
"-Synchronized-Data." 2019-04-10 15:00:45 +00:00			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",`
			`"refsource": "CONFIRM",`
			`"name": "http://www.ibm.com/support/docview.wss?uid=ibm10874666",`
			`"title": "IBM Security Bulletin 874666 (BigFix Platform)"`
			`},`
"-Synchronized-Data." 2019-03-18 06:03:06 +00:00			`{`
"-Synchronized-Data." 2019-04-10 15:00:45 +00:00			`"refsource": "XF",`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155887",`
			`"title": "X-Force Vulnerability Report",`
			`"name": "ibm-bigfix-cve2019-4013-code-exec (155887)"`
"-Synchronized-Data." 2019-10-07 17:00:58 +00:00			`},`
			`{`
			`"refsource": "MISC",`
			`"name": "http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html",`
			`"url": "http://packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File-Upload-Code-Execution.html"`
"-Synchronized-Data." 2019-03-18 06:03:06 +00:00			`}`
"-Synchronized-Data." 2019-04-10 15:00:45 +00:00			`]`
			`},`
			`"data_type": "CVE",`
			`"data_format": "MITRE"`
			`}`