Privilege Escalation in IBM Sterling Connect:Direct for UNIX
CVE-2018-1903
6.7MEDIUM
Summary
A vulnerability in IBM Sterling Connect:Direct for UNIX allows a user with restricted sudo access on a system to manipulate the application to gain full sudo access. This flaw can lead to unauthorized access, enabling potential exploitation of system resources. Administrators should apply relevant patches and adhere to best security practices to mitigate risks. For further details, please refer to IBM's support documentation and updated vulnerability reports.
Affected Version(s)
Sterling Connect:Direct for UNIX 4.2.0
Sterling Connect:Direct for UNIX 4.3.0
Sterling Connect:Direct for UNIX 6.0.0
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved