What is CVE-2019-4013?

CVE-2019-4013 is a critical-severity vulnerability in Ibm Bigfix Platform. CVSS score: 9.0/10. Published 2019-04-10.

How severe is CVE-2019-4013?

Critical severity. CVSS v3 base score is 9.0 out of 10.

Is CVE-2019-4013 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Bigfix Platform

CVE-2019-4013

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.

EPSS: 0.161 (94.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.0 (Critical). Vector: CVSS:3.0/AC:L/C:H/UI:R/A:H/I:H/PR:L/S:C/AV:N/RC:C/RL:O/E:U.

Affected products

Ibm Bigfix Platform — versions 9.5

Public proof-of-concept exploits

ARPSyndicate/cvemon

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-bigfix-cve2019-4013-code-exec (155887) (vdb-entry, x_refsource_XF)
packetstormsecurity.com/files/154747/IBM-Bigfix-Platform-9.5.9.62-Arbitary-File… (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-4013?: CVE-2019-4013 is a critical-severity vulnerability in Ibm Bigfix Platform. CVSS score: 9.0/10. Published 2019-04-10.
How severe is CVE-2019-4013?: Critical severity. CVSS v3 base score is 9.0 out of 10.
Is CVE-2019-4013 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.