Tivoli Workload Scheduler

tivoli_workload_scheduler

Vendor: Ibm • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-38389 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Feb 3, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information...Show more IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 233975.Show less
CVE-2022-22486 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Feb 3, 2023 N/A· v4 9.1 CRITICAL· v3 N/A· v2 IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information...Show more IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226328.Show less
CVE-2021-20349 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Aug 9, 2021 N/A· v4 5.3 MEDIUM· v3 4.6 MEDIUM· v2 IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 1945...Show more IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.Show less
CVE-2019-4608 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Mar 10, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...Show more IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168508.Show less
CVE-2019-4031 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Oct 16, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Fo...Show more IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a vulnerability that could allow a local user to write files as root in the file system, which could allow the attacker to gain root privileges. IBM X-Force ID: 155997.Show less
CVE-2018-1386 1Ibm 1Tivoli Workload Scheduler Nov 21, 2024 Mar 14, 2018 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM...Show more IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208.Show less
CVE-2017-1716 1Ibm 1Tivoli Workload Scheduler May 13, 2026 Dec 13, 2017 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. IBM X-Force ID: 134638.