CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-6689

An issue was discovered in Dillon Kane Tidal Workload Automation Agent 3.2.0.5 (formerly known as Cisco Workload Automation or CWA). The Enterprise Scheduler for AIX allows local users to gain privileges via Command Injection in crafted Tidal Job Buffers (TJB) parameters. NOTE: this vulnerability exists because the CVE-2014-3272 solution did not address AIX operating systems.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://ashsecurity.wordpress.com/2019/04/25/an-improper-cisco-fix-for-cve-2014-3272/
https://ashsecurity.wordpress.com/2019/04/25/an-improper-cisco-fix-for-cve-2014-3272/

Products affected by CVE-2019-6689

Dillonkane » Tidal Workload Automation » Version: 3.2.0.5

cpe:2.3:a:dillonkane:tidal_workload_automation:3.2.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-6689

Products

Pricing

Contact Us