Vulnerabilities > CVE-2019-15719 - Unspecified vulnerability in Altair PBS Professional

CVSS 5.2 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

low complexity

altair

NVD

Published: 2019-10-09

Updated: 2020-08-24

Summary

Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.

Vulnerable Configurations

Part	Description	Count
Application	Altair Altair PBS Professional 13.0.0 Altair PBS Professional 14.1.0 Altair PBS Professional 14.1.2 Altair PBS Professional 18.1.0 Altair PBS Professional 18.1.1 Altair PBS Professional 18.1.2 Altair PBS Professional 18.1.3 Altair PBS Professional 18.1.4 Altair PBS Professional 18.2.1 Altair PBS Professional 18.2.3 Altair PBS Professional 19.1.1 Altair PBS Professional 19.1.2 Altair PBS Professional 19.2.0 Altair PBS Professional 19.2.2 Altair PBS Professional 19.2.3	17

Packetstorm

data source	https://packetstormsecurity.com/files/download/154782/pbsprofessionalmom-bypass.txt
id	PACKETSTORM:154782
last seen	2019-10-09
published	2019-10-09
reporter	John Fitzpatrick
source	https://packetstormsecurity.com/files/154782/PBS-Professional-19.2.3-Authentication-Bypass.html
title	PBS Professional 19.2.3 Authentication Bypass

Summary

Vulnerable Configurations

Packetstorm

References