Lucene search

IbmCVELIST:CVE-2021-20349

HistoryAug 09, 2021 - 4:05 p.m.

CVE-2021-20349

2021-08-0916:05:12

ibm

www.cve.org

ibm

tivoli

workload scheduler

buffer overflow

vulnerability

x-force id

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.

CNA Affected

[
  {
    "product": "Workload Scheduler",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.4"
      },
      {
        "status": "affected",
        "version": "9.5"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/194599

www.ibm.com/support/pages/node/6479347

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C

AI Score

5.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2021-20349