09/25/19: vBulletin WidgetConfig Unauthenticated Remote Code Execution

Comments

2 comments

  • Avatar
    Kirsten Flores

    On September 25, 2019, Alert Logic released specific IDS signatures to enable for more efficient monitoring of CVE-2019-16759 by the Alert Logic Security Operations Center. 

    Also on September 25, vBulletin released a patch for versions 5.5.2, 5.5.3, and 5.5.4. To download and learn more about the patch, refer to vBulletin's patch announcement. If you are using a version of vBulletin 5 Connect prior to 5.5.2, vBulletin recommends that you upgrade as soon as possible to mitigate this vulnerability.

    0
    Comment actions Permalink
  • Avatar
    Kirsten Flores

    Vulnerability scan coverage was released on September 25, 2019, to identify vulnerable assets. 

    0
    Comment actions Permalink

Please sign in to leave a comment.