Wednesday, April 15, 2020

Security Bulletin: IBM InfoSphere Information Server may be vulnerable to attacks based on privilege escalation

A potential vulnerability based on privilege escalation was addressed by IBM InfoSphere Information Server.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
InfoSphere Information Server, Information Server on Cloud 11.7
InfoSphere Information Server, Information Server on Cloud 11.5
InfoSphere Information Server 11.3

 

Your installation is affected if all of the following apply to your installation

  • use Information Server 11.7.1.0 or earlier versions
       or upgraded such an installation to a release after 11.7.1.0
  • use WebSphere Application Server Network Deployment (WAS ND)
  • originally installed Information Server using a umask weaker than 022
       Note that the install instructions indicate that umask 022 should be used.

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6191679

The post Security Bulletin: IBM InfoSphere Information Server may be vulnerable to attacks based on privilege escalation appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2VcV12J
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)