Unauthorized Local Access in IBM Tivoli Workload Automation for AIX
CVE-2018-1386
7.4HIGH
Summary
The IBM Tivoli Workload Automation for AIX contains directories with improper permissions that may allow a local user with special access to escalate their privileges to root. This vulnerability affects multiple versions of the IBM Workload Scheduler and could potentially lead to unauthorized access to sensitive system resources. Regular updates and proper permission configurations are essential to mitigate this risk.
Affected Version(s)
Workload Scheduler 8.6
Workload Scheduler 9.1
Workload Scheduler 9.2
References
CVSS V3.1
Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved