Medium Severity

IBM Security Bulletin: IBM Spectrum LSF is affected by a privilege escalation vulnerability

Share this post:

IBM Spectrum LSF has addressed the following vulnerability. Enhancing the eauth executable file to prevent the preloading of getuid to avoid the users changing their job user at job submission time.

CVE(s): CVE-2018-1724

Affected product(s) and affected version(s):

Affected IBM Platform LSF Affected Versions
IBM Spectrum LSF 10.1
IBM Spectrum LSF 9.1.1
IBM Spectrum LSF 9.1.2
IBM Spectrum LSF 9.1.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/docview.wss?uid=ibm10734767

X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147439

More Medium Severity stories

IBM Security Bulletin: Directory traversal vulnerability in IBM Robotic Process Automation with Automation Anywhere (CVE-2018-2006)

Feb 19, 2019 9:00 am EST | Medium Severity

IBM Robotic Process Automation with Automation Anywhere is vulnerable to directory traversal CVE(s): CVE-2018-2006 Affected product(s) and affected version(s): IBM Robotic Process Automation with Automation Anywhere Affected Versions IBM Robotic Process Automation with Automation Anywhere 11.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10794133X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155008 ...read more


IBM Security Bulletin: This Power System update is being released to address CVE-2018-8931

Feb 19, 2019 9:00 am EST | Medium Severity

Power8/Power9: In response to a security bypass vulnerability, a new Power System firmware update is being released to address Common Vulnerabilities and Exposures issue number CVE-2018-8931. The P8 and P9 Processors have a “Self Boot Engine” (SBE) that is used to initialize the processor before Primary Boot Firmware takes over the IPL. The SBE’s code ...read more


IBM Security Bulletin: IBM Cloud Transformation Advisor is affected by a CVE-2018-1901 vulnerability

Feb 19, 2019 9:00 am EST | Medium Severity

IBM Cloud Transformation Advisor has addressed the following vulnerability. CVE-2018-1901 CVE(s): CVE-2018-1901 Affected product(s) and affected version(s):IBM Cloud Transformation Advisor Continuous Delivery Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10871892X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/152530 ...read more