Vulnerabilities > CVE-2019-15719 - Unspecified vulnerability in Altair PBS Professional

CVSS 8.0 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

altair

NVD

Published: 2019-10-09

Updated: 2020-08-24

Summary

Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.

Vulnerable Configurations

Part	Description	Count
Application	Altair Altair PBS Professional 13.0.0 Altair PBS Professional 14.1.0 Altair PBS Professional 14.1.2 Altair PBS Professional 18.1.0 Altair PBS Professional 18.1.1 Altair PBS Professional 18.1.2 Altair PBS Professional 18.1.3 Altair PBS Professional 18.1.4 Altair PBS Professional 18.2.1 Altair PBS Professional 18.2.3 Altair PBS Professional 19.1.1 Altair PBS Professional 19.1.2 Altair PBS Professional 19.2.0 Altair PBS Professional 19.2.2 Altair PBS Professional 19.2.3	17

Packetstorm

data source	https://packetstormsecurity.com/files/download/154782/pbsprofessionalmom-bypass.txt
id	PACKETSTORM:154782
last seen	2019-10-09
published	2019-10-09
reporter	John Fitzpatrick
source	https://packetstormsecurity.com/files/154782/PBS-Professional-19.2.3-Authentication-Bypass.html
title	PBS Professional 19.2.3 Authentication Bypass

Summary

Vulnerable Configurations

Packetstorm

References