Hello ! New security alert concerning the IBM® Performance Tools for i licensed program.
IBM® Performance Tools for i includes numerous additional applications that complement or extend the capabilities of the basic performance tools available in the operating system, such as performance data collection, analysis and reporting functions.
However, following the publication of the security bulletin (which you can find here: https: //lnkd.in/dwiP892T) the IBM i is now vulnerable to a local elevation of privileges.
This elevation can occur following the call of a program without library qualification in the IBM Performance Tools for i program applications.
This intrusion could give a malicious actor administrator privileges in order to execute arbitrary code.
As you now know, an intrusion-based elevation of rights is a great danger for the IBM i, which is why this flaw is given a CVSS risk of 7.4.
To repair this flaw, simply apply the appropriate application patches to your IBM i.
For more information on the alert bulletin, here is a link to the official publication on the support site:
