EUVD-2018-12054

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM BigFix 9.2 and 9.5 has weak account lockout allowing remote brute force attacks.

Reporter	Title	Published	Views	Family All 6
CNVD	IBM BigFix Platform Brute Force Vulnerability	28 Apr 201800:00	–	cnvd
CVE	CVE-2018-1475	27 Apr 201815:00	–	cve
Cvelist	CVE-2018-1475	27 Apr 201815:00	–	cvelist
NVD	CVE-2018-1475	27 Apr 201815:29	–	nvd
OSV	CVE-2018-1475	27 Apr 201815:29	–	osv
Prion	Code injection	27 Apr 201815:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "cab49a87-3fff-3597-93ae-1dce265a84de",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "8c231d7d-7bfe-3196-892e-501620b980da",
        "product": {
          "name": "BigFix Platform"
        },
        "product_version": "9.5"
      },
      {
        "id": "de90acff-9737-33b3-85fc-2844990af661",
        "product": {
          "name": "BigFix Platform"
        },
        "product_version": "9.2"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/140756
ibm	www.ibm.com/support/docview.wss
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.5High risk

Vulners AI Score9.5

CVSS 39.8

CVSS 25

EPSS0.00365