Privilege Escalation in IBM Sterling Connect:Direct for UNIX
CVE-2018-1903

6.7MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
10 April 2019

Summary

A vulnerability in IBM Sterling Connect:Direct for UNIX allows a user with restricted sudo access on a system to manipulate the application to gain full sudo access. This flaw can lead to unauthorized access, enabling potential exploitation of system resources. Administrators should apply relevant patches and adhere to best security practices to mitigate risks. For further details, please refer to IBM's support documentation and updated vulnerability reports.

Affected Version(s)

Sterling Connect:Direct for UNIX 4.2.0

Sterling Connect:Direct for UNIX 4.3.0

Sterling Connect:Direct for UNIX 6.0.0

References

CVSS V3.1

Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.