Vulnerability Details CVE-2019-4088
IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allow a local attacker to gain elevated privileges on the system, caused by loading a specially crafted library loaded by the dsmqsan module. By setting up such a library, a local attacker could exploit this vulnerability to gain root privileges on the vulnerable system. IBM X-Force ID: 157511.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 7.4
CVSS v2 Score 7.2
References
Products affected by CVE-2019-4088
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.0.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.1.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.3.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.4.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.5.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.6.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.7.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.8.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:7.1.9.200
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.0.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.1.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.2.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.3.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.4.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.5.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.6.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.7.000