Apra143

**Name of the Vulnerable Software and Affected Versions** Dillon Kane Tidal Workload Automation Agent version 3.2.0.5 **Description** An issue was discovered that allows local users to gain privileges via Command Injection in crafted `Tidal Job Buffers (TJB)` parameters. This issue exists because a previous solution did not address AIX operating systems. **Recommendations** For version 3.2.0.5, consider restricting access to the `Tidal Job Buffers (TJB)` parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.