PT-2025-35826 · Ibm · Transformation Advisor

Mike Whale

·

Publicado

2025-09-03

·

Atualizado

2026-05-23

·

CVE-2025-36193

CVSS v3.1

8.4

Alta

VetorAV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions IBM Transformation Advisor versions 2.0.1 through 4.3.1
Description IBM Transformation Advisor incorrectly assigns privileges to security critical files. This could allow a local root escalation within a container running the IBM Transformation Advisor Operator Catalog image.
Recommendations Apply necessary privilege restrictions to security critical files in IBM Transformation Advisor versions 2.0.1 through 4.3.1.

Correção

LPE

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2025-36193

Produtos afetados

Transformation Advisor