Local File Write Vulnerability in IBM Workload Scheduler
CVE-2019-4031

8.4HIGH

Key Information:

Vendor: IBM
Status: Workload Scheduler Distributed
Vendor: CVE Published:; 16 October 2019

Summary

IBM Workload Scheduler Distributed versions 9.2 to 9.5 are impacted by a vulnerability that allows local users to write files as root, potentially enabling attackers to gain elevated privileges. This weakness poses significant risks to system integrity and security. It is essential for administrators to review the affected version and apply necessary security measures.

Affected Version(s)

Workload Scheduler Distributed 9.2

Workload Scheduler Distributed 9.3

Workload Scheduler Distributed 9.4

References

https://www.ibm.com/support/pages/node/1076775

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/155997

vdb-entryx_refsource_XF

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2019
Vulnerability Reserved
Jan 3, 2019