PT-2021-5664 · Ibm · Ibm Tivoli Workload Scheduler

Lukasz Plonka

Published

2021-08-09

Updated

2021-08-17

CVE-2021-20349

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions IBM Tivoli Workload Scheduler versions 9.4 through 9.5

Description The issue is caused by improper bounds checking, leading to a stack-based buffer overflow. A local attacker could exploit this to gain lower level privileges, potentially impacting the confidentiality, integrity, and availability of protected information.

Recommendations For IBM Tivoli Workload Scheduler versions 9.4 and 9.5, consider applying security patches or updates to fix the improper bounds checking issue, which is causing the stack-based buffer overflow. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2022-00103

CVE-2021-20349

Affected Products

Ibm Tivoli Workload Scheduler

PT-2021-5664 · Ibm · Ibm Tivoli Workload Scheduler

CVE-2021-20349

Weakness Enumeration

Related Identifiers

Affected Products

References · 8