Privilege escalation vulnerability in the IBM Tivoli Composite Application Manager Agent for Sybase ASE could be exploited by a local user to gain elevated privilege of another user.
CVEID: CVE-2013-5467
Description: Privilege escalation vulnerability could be exploited by a local user to gain elevated privilege of another user.
CVSS Base Score: 6.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88370> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
IBM Tivoli Composite Application Manager for Applications V7.2: Tivoli Composite Application Manager Agent for Sybase ASE 6.2.
The following are the fixes for Monitoring Agent for Sybase ASE:
Fix | VRMF | How to acquire fix |
---|---|---|
6.2.0-TIV-ITM_SYB-FP0001 | 6.2.0 | http://www-01.ibm.com/support/docview.wss?uid=swg24042781 |
The fix is bundled with IBM Tivoli Composite Application Manager for Applications V7.2.1.2.
Contact IBM Support for options.