5.2
CVSSv2

CVE-2019-15719

Published: 09/10/2019 Updated: 16/10/2019
CVSS v2 Base Score: 5.2 | Impact Score: 6.4 | Exploitability Score: 5.1
Vector: AV:A/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Altair PBS Professional up to and including 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.

Vulnerability Trend

Affected Products

Vendor Product Versions
AltairPbs Professional13.0.0, 14.1.0, 14.1.2, 18.1.0, 18.1.1, 18.1.2, 18.1.3, 18.1.4, 18.2.1, 18.2.3, 19.1.1, 19.1.2, 19.2.0, 19.2.2, 19.2.3

Mailing Lists

PBS Professional versions 1923 and below suffer from an authentication bypass vulnerability ...
=========================================================== PBS Professional MoM Authentication Bypass (CVE-2019-15719) =========================================================== * Software: PBS Professional * Affected Versions: All versions up to and including 1923 * Vendor: Altair Engineering, Inc * CVE Reference: CVE-2019-15719 * Severity: C ...