First published: Tue Apr 09 2019(Updated: )
IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 155886.
Credit: psirt@us.ibm.com psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM BigFix WebUI Profile Management | =6 | |
Ibm Bigfix Webui Software Distribution | =23 | |
=6 | ||
=23 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-4012 is classified as a high severity vulnerability due to its potential for SQL injection.
To fix CVE-2019-4012, ensure you apply the latest security patches provided by IBM for BigFix WebUI Profile Management 6 and Software Distribution 23.
CVE-2019-4012 affects users of IBM BigFix WebUI Profile Management version 6 and Software Distribution version 23.
An attacker exploiting CVE-2019-4012 can view, add, modify, or delete information in the back-end database.
CVE-2019-4012 was published in 2019, highlighting the SQL injection vulnerability in specific IBM BigFix products.