IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 Improper Privilege Management Vulnerability

Summary

IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 could allow a local user to escalate their privileges due to weak file permissions when specific debug settings are enabled in a Linux or Unix environment.

Credit:

The information has been provided by Vendor

The original article can be found at https://www.ibm.com/support/pages/node/3357549


Details
Weak file permissions may exist on several files after specific debug settings are enabled in IBM Spectrum LSF in a Linux or Unix environment. This has the potential of privilege escalation by an attacker.

Vulnerable Systems:

IBM Platform LSF 9.1
IBM Spectrum LSF 10.1
IBM Spectrum LSF Suites 10.2
IBM Spectrum Computing Suite for High Performance Analytics 10.2

    CVE Information:

    CVE-2020-4278

    Disclosure Timeline:
    Published Date: 03/06/2020

    Categories: FeaturedNews