Medium Severity

IBM Security Bulletin: IBM Spectrum LSF is affected by a privilege escalation vulnerability

Share this post:

IBM Spectrum LSF has addressed the following vulnerability. Enhancing the eauth executable file to prevent the preloading of getuid to avoid the users changing their job user at job submission time.

CVE(s): CVE-2018-1724

Affected product(s) and affected version(s):

Affected IBM Platform LSF Affected Versions
IBM Spectrum LSF 10.1
IBM Spectrum LSF 9.1.1
IBM Spectrum LSF 9.1.2
IBM Spectrum LSF 9.1.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/docview.wss?uid=ibm10734767

X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147439

More Medium Severity stories

IBM Security Bulletin: Open Source Python-paramiko vulnerability affects IBM Netezza Host Management.

Dec 11, 2018 9:02 am EST | High Severity

Open Source Python-paramiko is used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVE. CVE(s): CVE-2018-1000805 Affected product(s) and affected version(s): IBM Netezza Host Management 5.4.5.0 – 5.4.22.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10787453X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/151370 ...read more


IBM Security Bulletin: Potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926)

Dec 11, 2018 9:02 am EST | Medium Severity

There is a potential cross-site request forgery in WebSphere Application Server Admin Console (CVE-2018-1926) CVE(s): CVE-2018-1926 Affected product(s) and affected version(s): This vulnerability affects the following: WebSphere Application Server Version 9.0 WebSphere Application Server Version 8.5 WebSphere Virtual Enterprise Version 8.0 WebSphere Virtual Enterprise Version 7.0 Refer to the following reference URLs for remediation and ...read more


IBM Security Bulletin: Potential Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2018-1901)

Dec 11, 2018 9:01 am EST | Medium Severity

There is a timing window where there could be a privilege escalation vulnerability in WebSphere Application Server. CVE(s): CVE-2018-1901 Affected product(s) and affected version(s): This vulnerability affects the following versions and releases of IBM WebSphere Application Server: Liberty Version 9.0 Version 8.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: ...read more