PT-2025-35826 · Ibm · Transformation Advisor
Mike Whale
·
Published
2025-09-03
·
Updated
2026-05-23
·
CVE-2025-36193
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Transformation Advisor versions 2.0.1 through 4.3.1
Description
IBM Transformation Advisor incorrectly assigns privileges to security critical files. This could allow a local root escalation within a container running the IBM Transformation Advisor Operator Catalog image.
Recommendations
Apply necessary privilege restrictions to security critical files in IBM Transformation Advisor versions 2.0.1 through 4.3.1.
Fix
LPE
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Transformation Advisor