Ibm: >> Embedded Websphere Application Server Security Vulnerabilities
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
CVSS Score
6.9
EPSS Score
0.0
Published
2014-07-29