Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM673020D43B23C5819B0E5EA015C41F43A304A504A8C25CF43EC043CAD80E9A17
HistoryJun 17, 2018 - 3:35 p.m.

Security Bulletin: A security vulnerability has been identified in IBM Reliable Scalable Cluster Technology shipped with IBM Tivoli System Automation for Multiplatforms (CVE-2017-1134).

2018-06-1715:35:05
www.ibm.com
7

0.0004 Low

EPSS

Percentile

5.1%

JSON

Summary

A privilege escalation vulnerability affects IBM Reliable Scalable Cluster Technology shipped with IBM Tivoli System Automation for Multiplatforms. That vulnerability has been addressed in this bulletin.

Vulnerability Details

CVEID: CVE-2017-1134 DESCRIPTION: IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/121453 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Tivoli System Automation for Multiplatforms 4.1 and 3.2.2.9.

Remediation/Fixes

The recommended solution is to apply the corresponding fix to IBM Tivoli System Automation for Multiplatforms. To select the fix you need to apply in your environment, click on ‘Download link’ in the table below.

  • If you are running IBM Tivoli System Automation for Multiplatforms 4.1, please apply interim fix “4.1.0.3-TIV-ITSAMP-<OS>-IFS001” where <OS> represents the operating system for which you want to install the interim fix of this product version. You can apply this interim fix on top of any fixpack of version 4.1.
  • If you are running IBM Tivoli System Automation for Multiplatforms 3.2.2, please first upgrade to fixpack IBM Tivoli System Automation for Multiplatforms 3.2.2.9. Then apply interim fix “3.2.2.9-TIV-ITSAMP-<OS>-IFS001” where <OS> represents the operating system for which you want to install the fix of this product version. Please note that this interim fix can not be applied to fixpack IBM Tivoli System Automation for Multiplatforms 3.2.2.8 or lower.
  • If you are running IBM Tivoli System Automation for Multiplatforms 3.2.1 or IBM Tivoli System Automation for Multiplatforms 3.2.0, then please contact IBM support.
Product VRMF APAR
IBM Tivoli System Automation for Multiplatforms 4.1 and 3.2.2 Download link

Workarounds and Mitigations

None.

Related

cvelist 1
ibm 3
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2017-1134
2017-03-20 16:00:00
ibm
ibm
Security Bulletin: Privilege escalation vulnerability affects IBM® DB2® LUW (CVE-2017-1134)
2018-06-16 13:47:55
Security Bulletin: BigInsights is affected by multiple vulnerabilities in Db2
2020-07-18 23:17:55
Security Bulletin: Security vulnerabilities have been identified in DB2 which is shipped with IBM Performance Management products
2018-06-17 15:46:17
prion
prion
Code injection
2017-03-20 16:59:00
nvd
nvd
CVE-2017-1134
2017-03-20 16:59:01
cve
cve
CVE-2017-1134
2017-03-20 16:59:01

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for 673020D43B23C5819B0E5EA015C41F43A304A504A8C25CF43EC043CAD80E9A17
cvelist1ibm3prion1nvd1cve1