Stack-based Buffer Overflow in IBM Tivoli Workload Scheduler
CVE-2021-20349

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
9 August 2021

Summary

IBM Tivoli Workload Scheduler versions 9.4 and 9.5 have a vulnerability that allows local attackers to exploit a stack-based buffer overflow due to improper bounds checking. This can enable unauthorized access to lower-level privileges, potentially compromising system integrity and security configurations. It is essential for users of the affected versions to apply the appropriate security updates to mitigate this risk.

Affected Version(s)

Workload Scheduler 9.4

Workload Scheduler 9.5

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.