Privilege Escalation Vulnerability in IBM Spectrum Protect Servers and Storage Agents

Privilege Escalation Vulnerability in IBM Spectrum Protect Servers and Storage Agents

CVE-2019-4088 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain root privileges on the vulnerable system. IBM X-Force ID: 157511.

Learn more about our Cis Benchmark Audit For Server Software.