A vulnerability in PostgreSQL affects IBM Spectrum Protect™ Plus. This vulnerability could result in a local authenticated attacker gaining elevated privileges on the system.
CVEID: CVE-2017-15097 DESCRIPTION: PostgreSQL could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the Red Hat Start scripts. An attacker could exploit this vulnerability to gain root access to the server machine.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/136153 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
IBM Spectrum Protect Plus 10.1.0 and 10.1.1.
IBM Spectrum Protect Plus Release
| First Fixing
VRM Level|Platform|Link to Fix / Fix Availability Target
—|—|—|—
10.1 | 10.1.2 | Linux |
<http://www.ibm.com/support/docview.wss?uid=swg24044949>
None