IBM Support

A privilege escalation vulnerability on the Engine tier (8.5 & 8.5 Fix Pack 1) can allow the dsadm user to gain root authority.

Flashes (Alerts)


Abstract

A privilege escalation vulnerability on the Engine tier (8.5 & 8.5 Fix Pack 1) can allow the dsadm user to gain root authority on UNIX and Linux systems.

Content

UNIX and Linux systems that host the InfoSphere Information Server Engine tier have a privilege escalation vulnerability that can allow the dsadm user to execute commands as root.

Users on Windows platforms are not affected.

This issue is specific to release 8.5 and 8.5 Fix Pack 1 and does not affect prior versions of Information Server or DataStage.

All Information Server users should install the patch for JR39769 to resolve the issue using the latest version of the Information Server Update Installer.

[{"Product":{"code":"SSVSEF","label":"IBM InfoSphere DataStage"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"8.5.0.1;8.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
25 September 2022

UID

swg21504279