There is a potential vulnerability in IBM InfoSphere Streams when the instance runAsUser property is set. IBM InfoSphere Streams has addressed this vulnerability.
CVEID: CVE-2016-2867**
DESCRIPTION:** In certain supported configurations of IBM InfoSphere Streams, setting the instance runAsUser property can result in operator code using the group id of the root user instead of the group id of the runAsUser for checking permissions.
CVSS Base Score: 7.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112763 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
NOTE: Fix Packs are available on IBM Fix Central.
None