Command Injection Vulnerability in IBM BigFix Platform
CVE-2016-0291
8.8HIGH
What is CVE-2016-0291?
IBM BigFix Platform versions 9.0, 9.1 (prior to 9.1.8), and 9.2 (prior to 9.2.8) are susceptible to a command injection vulnerability. Threat actors with authenticated access to the report server can exploit this flaw to execute arbitrary commands on the server, potentially compromising the system's integrity and confidentiality. Ensuring that all affected versions are updated is crucial for safeguarding sensitive information and enhancing the overall security posture.