CVE-2018-1386

EUVD-2018-11965
IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ibmCNA
7.4 HIGH
LOCAL
HIGH
NONE
CVSS:3.0/A:H/AC:H/AV:L/C:H/I:H/PR:N/S:U/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
ibmtivoli_workload_scheduler
8.6
ibmtivoli_workload_scheduler
9.1
ibmtivoli_workload_scheduler
9.2
ibmtivoli_workload_scheduler
9.3
ibmtivoli_workload_scheduler
9.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22012171
https://exchange.xforce.ibmcloud.com/vulnerabilities/138208
http://www.ibm.com/support/docview.wss?uid=swg22012171
https://exchange.xforce.ibmcloud.com/vulnerabilities/138208