CVE-2019-15719 Information

Feb 14, 2021 cve

Description

Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom which fails to properly authenticate the message. This results in code execution as an arbitrary user.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://packetstormsecurity.com/files/154782/PBS-Professional-19.2.3-Authentication-Bypass.html https://www.hpcsec.com https://www.hpcsec.com/2019/10/08/cve-2019-15719/ https://www.pbspro.org/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.0

Share on: