IBM Cloud Private could allow a local user to obtain the CA Private Key due to it being world readable in boot/master node.
CVEID: CVE-2018-1841 DESCRIPTION: IBM Cloud private could allow a local user to obtain the CA Private Key due to it being world readable in boot/master node.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/150901> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM Cloud Private 2.1.0
For IBM Cloud Private 2.1.0.x releases, upgrade to versions 3.1.0 or higher
File Systems permissions may be set using chmod