IBM BigFix Platform Multiple Security Vulnerabilities
IBM BigFix Platform is prone to the following multiple security vulnerabilities:
1. Multiple information-disclosure vulnerabilities
2. security-Bypass vulnerability
3. A cross-site-scripting vulnerability
4. A cross-site request-forgery vulnerability
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials, perform unauthorized actions or obtain sensitive information.
BigFix Platform versions 9.5 and 9.2 are vulnerable.